CVE-2018-10120 (retired)

Priority
Description
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in
LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a
customizations index, which allows remote attackers to cause a denial of
service (heap-based buffer overflow with write access) or possibly have
unspecified other impact via a crafted document that contains a certain
Microsoft Word record.
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1:4.2.8-0ubuntu5.5)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:5.1.6~rc2-0ubuntu1~xenial6)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1:6.0.3-0ubuntu1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (1:6.0.3-0ubuntu1)
Ubuntu 19.04 (Disco Dingo):not-affected (1:6.0.3-0ubuntu1)
Patches:
Upstream:https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667
Upstream:https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4&id=e355d7d691cfe9719b06e15129d86ec22a2bd7a4 (5.4)
More Information

Updated: 2019-03-26 12:26:50 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)