CVE-2016-6804
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.
El instalador de Apache OpenOffice (versiones anteriores a la 4.13, incluyendo algunas denominadas OpenOffice.org) para Windows contiene una operación defectuosa que permite la ejecución de código arbitrario con privilegios elevados. Esto requiere que la localización en la que el instalador se ejecuta haya sido previamente envenenada por un archivo que suplanta una biblioteca de vínculos dinámicos de la que depende el instalador.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-08-12 CVE Reserved
- 2016-10-25 CVE Published
- 2023-09-30 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/93774 | Third Party Advisory | |
http://www.securitytracker.com/id/1037016 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.openoffice.org/security/cves/CVE-2016-6804.html | 2019-11-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Openoffice Search vendor "Apache" for product "Openoffice" | < 4.1.3 Search vendor "Apache" for product "Openoffice" and version " < 4.1.3" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|