Vulnerability Description
Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libstaroffice Project | Libstaroffice | <= 0.0.3 |
Related Weaknesses (CWE)
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1029Issue TrackingThird Party AdvisoryVDB Entry
- https://github.com/fosnola/libstaroffice/commit/2d6253c7a692a3d92785dd990fce7256PatchThird Party Advisory
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1029Issue TrackingThird Party AdvisoryVDB Entry
- https://github.com/fosnola/libstaroffice/commit/2d6253c7a692a3d92785dd990fce7256PatchThird Party Advisory
FAQ
What is CVE-2017-9432?
CVE-2017-9432 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.
How severe is CVE-2017-9432?
CVE-2017-9432 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-9432?
Check the references section above for vendor advisories and patch information. Affected products include: Libstaroffice Project Libstaroffice.