CVE-2017-9806

A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

Published: Nov 20, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-9806
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
apache / openoffice	-	4.1.4

http://www.openoffice.org/security/cves/CVE-2017-9806.html
http://www.securityfocus.com/bid/101585

Vulnerability Database

289,697

CVE-2017-9806