Your submission was sent successfully! Close

CVE-2017-9806

Published: 20 November 2017

A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
libreoffice
Launchpad, Ubuntu, Debian
Upstream
Released (1:3.4.3-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1:5.1.6~rc2-0ubuntu1~xenial2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [1:4.2.8-0ubuntu5.1])