CVE-2016-1513

7.8HIGH

Key Information:

Vendor: Apache
Status: Openoffice
Vendor: CVE Published:; 5 August 2016

Summary

The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.

References

https://bz.apache.org/ooo/show_bug.cgi?id=127045

x_refsource_MISC

http://www.securityfocus.com/bid/92079

vdb-entryx_refsource_BID

https://security.gentoo.org/glsa/201703-01

vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 5, 2016
Vulnerability Reserved
Jan 7, 2016