Description
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
References (4)
Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.openoffice.org/security/cves/CVE-2018-11790.html
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3883-1/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106803
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E
Scores
CVSS v3
7.8
EPSS
0.0103
EPSS Percentile
58.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-682
Status
published
Products (3)
apache/openoffice
< 4.1.5
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
Published
Jan 31, 2019
Tracked Since
Feb 18, 2026