CVE-2021-33035

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-33035
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-33035.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-33035
Related
Published
2021-09-23T08:15:06Z
Modified
2024-10-12T07:40:37.579509Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10

References

Affected packages

Debian:11 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:4.3.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:4.3.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:4.3.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/apache/openoffice

Affected ranges

Type
GIT
Repo
https://github.com/apache/openoffice
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

AOO4110-GA
AOO417
AOO417-RC1
AOO418-GA
AOO419-GA
AOO419-RC1