CLD-365 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2018-10120 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) libreoffice
Deficiency Type SECURITY
Date Created 2018-04-16 15:06:18
Date Last Modified 2018-04-17 11:03:17

Version Specific Information:

Cucumber 1.0 i686 fixed in libreoffice-
Cucumber 1.0 x86_64 fixed in libreoffice-

Cucumber 1.1 i686 fixed in libreoffice-
Cucumber 1.1 x86_64 fixed in libreoffice-


=================================== Overview ===================================

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in
LibreOffice before and 6.x before does not validate a
customizations index, which allows remote attackers to cause a denial of
service (heap-based buffer overflow with write access) or possibly have
unspecified other impact via a crafted document. 

================================= Our Analysis =================================

----- Affected Products -----
LibreOffice as originally packaged in Cucumber Linux 1.0 and 1.1 is

----- Scope and Impact of this Vulnerability -----
Denial of service (heap-based buffer overflow) resulting in other possible
unspecified impacts via a specially crafted document.

----- Fix for this Vulnerability -----
Fixed in commit:;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667

================================= Our Solution =================================

We have applied the aforementioned patch and rebuilt.