OpenDocument Document Processing Flaw in Hyland Perceptive Products
CVE-2018-3845

8.8HIGH

Key Information:

Vendor: Hyland Software, Inc.
Status: Perceptive Document Filters
Vendor: CVE Published:; 26 April 2018

What is CVE-2018-3845?

A vulnerability in Hyland Perceptive Document Filters allows attackers to exploit a crafted OpenDocument file, leading to improper memory management. This flaw causes a double free of the SkCanvas object, potentially enabling an attacker to execute arbitrary code within the context of the application. Users of the affected versions should update to the latest patch to mitigate risks from this memory management issue.

Affected Version(s)

Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux

References

http://www.securityfocus.com/bid/104023

vdb-entryx_refsource_BID

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 26, 2018
Vulnerability Reserved
Jan 2, 2018

Hyland Software, Inc.

What is CVE-2018-3845?

Affected Version(s)

References

CVSS V3.1

Timeline