CVE-2016-1513

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write8 documents7 sources

Severity

7.8HIGH

EPSS

1.1%

top 21.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Openoffice

Timeline

PublishedAug 5

Latest updateMay 17

Description

The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDapache/openoffice4.1.2

▶Debianlibreoffice< 1:4.3.3-1+3

🔴Vulnerability Details

GHSA

GHSA-f753-7547-p2rj: The Impress tool in Apache OpenOffice 4↗2022-05-17

▶

OSV

CVE-2016-1513: The Impress tool in Apache OpenOffice 4↗2016-08-05

▶

CVEList

CVE-2016-1513: The Impress tool in Apache OpenOffice 4↗2016-08-05

▶

📋Vendor Advisories

Ubuntu

LibreOffice vulnerability↗2016-08-04

▶

Debian

CVE-2016-1513: libreoffice - The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers ...↗2016

▶

🕵️Threat Intelligence

Talos

Vulnerability Spotlight: OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability↗2016-07-21

▶

Talos

Vulnerability Spotlight: OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability↗2016-07-21

▶