CVE-2018-10119
Title: CVE-2018-10119 Use After Free in Structured Storage parser
Announced: April 18, 2018
Fixed in: LibreOffice 5.4.5/6.0.1
Description:
LibreOffice before 5.4.5 and 6.x before 6.0.1 have a flaw in an edge case in processing the structured storage ole2 wrapper file format. A short datatype is used which can overflow resulting in a write to recently freed data
All users are recommended to upgrade to LibreOffice >= 5.4.5 or >= 6.0.1
References:
CVE-2018-10119
Follow Us