CVE-2017-12608
7.8
HIGH
CVSS 3.1
EPSS 1.2%
Description
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
How to fix CVE-2017-12608
To remediate CVE-2017-12608, upgrade the affected package to a fixed version below.
- Debian/libreoffice—upgrade to 1:5.0.2-1 or later
Is CVE-2017-12608 being exploited?
Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:5.0.2-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |