CVE-2016-6803

CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 69.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache OpenofficeApache Software Foundation Apache Openoffice
Timeline
PublishedNov 13
Latest updateMay 17

Description

An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5apache_software_foundation/apache_openoffice4.0.0 to 4.1.2, Older versions, including some using the previous OpenOffice.org brand, are also affected.+1

🔴Vulnerability Details

2
GHSA
GHSA-vhvh-h729-jjrv: An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 42022-05-17
CVEList
CVE-2016-6803: An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 42017-11-13
CVE-2016-6803 (HIGH CVSS 7.8) | An installer defect known as an "un | cvebase.io