CVE-2018-11790
7.8
HIGH
CVSS 3.1
EPSS 0.55%
Description
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
How to fix CVE-2018-11790
To remediate CVE-2018-11790, upgrade the affected package to a fixed version below.
- Debian/libreoffice—upgrade to 1:4.0.3-1 or later
Is CVE-2018-11790 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:4.0.3-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |