Vulnerability Description
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Openoffice | < 4.1.4 |
| Debian | Debian Linux | 7.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101585Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039732Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039734Third Party AdvisoryVDB Entry
- https://lists.debian.org/debian-lts-announce/2017/12/msg00017.htmlMailing ListThird Party Advisory
- https://www.debian.org/security/2017/dsa-4022Third Party Advisory
- https://www.openoffice.org/security/cves/CVE-2017-12607.htmlVendor Advisory
- http://www.securityfocus.com/bid/101585Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039732Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039734Third Party AdvisoryVDB Entry
- https://lists.debian.org/debian-lts-announce/2017/12/msg00017.htmlMailing ListThird Party Advisory
- https://www.debian.org/security/2017/dsa-4022Third Party Advisory
- https://www.openoffice.org/security/cves/CVE-2017-12607.htmlVendor Advisory
FAQ
What is CVE-2017-12607?
CVE-2017-12607 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and appli...
How severe is CVE-2017-12607?
CVE-2017-12607 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12607?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Openoffice, Debian Debian Linux.