OpenOffice Writer DOC File Parser Denial of Service and Arbitrary Code Execution Vulnerability

OpenOffice Writer DOC File Parser Denial of Service and Arbitrary Code Execution Vulnerability

CVE-2017-9806 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

Learn more about our Cis Benchmark Audit For Microsoft Office.