CVE-2017-14226
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.
WP1StylesListener.cpp, WP5StylesListener.cpp, y WP42StylesListener.cpp en libwpd 0.10.1 no gestiona iteradores correctamente, lo que permite que atacantes remotos provoquen una denegación de servicio (sobrelectura de búfer basada en montículos en la clase WPXTableList en WPXTable.cpp). Esta vulnerabilidad puede desencadenarse en LibreOffice en versiones anteriores a la 5.3.7. Podría conducir a un ataque remoto contra una aplicación LibreOffice.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-09 CVE Reserved
- 2017-09-09 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://bugs.documentfoundation.org/show_bug.cgi?id=112269 | Issue Tracking | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1489337 | Issue Tracking | |
| https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9 | Mailing List | |
| https://sourceforge.net/p/libwpd/tickets/14 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5 | 2020-11-09 | |
| https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3 | 2020-11-09 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libreoffice Search vendor "Libreoffice" | Libreoffice Search vendor "Libreoffice" for product "Libreoffice" | <= 5.3.6 Search vendor "Libreoffice" for product "Libreoffice" and version " <= 5.3.6" | - |
Affected
| ||||||
| Libwpd Search vendor "Libwpd" | Libwpd Search vendor "Libwpd" for product "Libwpd" | 0.10.1 Search vendor "Libwpd" for product "Libwpd" and version "0.10.1" | - |
Affected
| ||||||