github - ghsa-jv89-hcw9-2wwr

ghsa-jv89-hcw9-2wwr

Vulnerability from github

Published

2022-05-13 01:31

Modified

2022-05-13 01:31

Severity

7.8 (High) - CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-11790"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-682"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-31T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.",
  "id": "GHSA-jv89-hcw9-2wwr",
  "modified": "2022-05-13T01:31:05Z",
  "published": "2022-05-13T01:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11790"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b@%3Ccommits.openoffice.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/3883-1"
    },
    {
      "type": "WEB",
      "url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106803"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2018-11790

Vulnerability from cvelistv5

Published

2019-01-31 16:00

Modified

2024-09-16 19:30

Severity

Summary

When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.

References

URL	Tags
https://www.openoffice.org/security/cves/CVE-2018-11790.html	x_refsource_CONFIRM
https://usn.ubuntu.com/3883-1/	vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/106803	vdb-entry, x_refsource_BID
https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E	mailing-list, x_refsource_MLIST

Impacted products

Vendor	Product
Apache Software Foundation	Apache OpenOffice

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:09.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
          },
          {
            "name": "USN-3883-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3883-1/"
          },
          {
            "name": "106803",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106803"
          },
          {
            "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache OpenOffice",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "Apache OpenOffice 4.1.5 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2018-11-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-17T00:06:09",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
        },
        {
          "name": "USN-3883-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3883-1/"
        },
        {
          "name": "106803",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106803"
        },
        {
          "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2018-11-18T00:00:00",
          "ID": "CVE-2018-11790",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache OpenOffice",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Apache OpenOffice 4.1.5 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.openoffice.org/security/cves/CVE-2018-11790.html",
              "refsource": "CONFIRM",
              "url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html"
            },
            {
              "name": "USN-3883-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3883-1/"
            },
            {
              "name": "106803",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106803"
            },
            {
              "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b@%3Ccommits.openoffice.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2018-11790",
    "datePublished": "2019-01-31T16:00:00Z",
    "dateReserved": "2018-06-05T00:00:00",
    "dateUpdated": "2024-09-16T19:30:22.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.