Back to search
CVE-2016-6804
Published: Nov 20, 2017
Modified: Sep 16, 2024
PUBLISHED
Description
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.
| Vendor | Product | Versions |
|---|---|---|
Apache Software Foundation | Apache OpenOffice | affected 4.0.0 to 4.1.2affected older releases are also affected, including some branded as OpenOffice.org |
References
https://www.openoffice.org/security/cves/CVE-2016-6804.html
x_refsource_CONFIRM
93774
vdb-entry
x_refsource_BID
1037016
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now