Apache Openoffice 4.1.2 Denial Of Service Execute Code Vulnerability
26 Oct. 2016
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted and OpenOffice may crash in a recovery-stuck mode requiring manual intervention. A crafted exploitation of the defect can allow an attacker to cause denial of service (memory corruption and application crash) and possible execution of arbitrary code.
Impress cannot be used to directly produce documents having the CVE-2016-1513-related defect. Impress-authored .ODF and .ODT documents of an user's own that exhibit any of these characteristics are not the result of an exploit. They may be consequences of a separate Impress defect that should be reported.