CVE-2018-10120

7.8HIGH

Key Information

Vendor
Debian
Status
Debian Linux
Vendor
CVE Published:
16 April 2018

Summary

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.

References

https://gerrit.libreoffice.org/#/c/49499/
x_refsource_MISC
https://gerrit.libreoffice.org/#/c/49486/
x_refsource_MISC
https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=comm...
x_refsource_MISC

EPSS Score

4% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.