CVE-2018-10119
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-10119
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
LibreOffice 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
LibreOffice是文档基金会(The Document Foundation,TDF)开发的一套免费开源的办公软件套件。该套件由Writer(文本文档)、Calc(电子表格)和Impress(演示文稿)等应用程序组成。 LibreOffice 5.4.5.1之前版本和6.0.1.1之前的6.x本版本中的sot/source/sdstor/stgstrms.cxx文件存在安全漏洞,该漏洞源于程序在StgSmallStrm类中使用了不正确的整数数据类型。远程攻击者可借助特制的文档利用该漏洞造成拒绝服务(
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2018-10119
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-10119
请登录查看更多情报信息。
Vendor Advisories for CVE-2018-10119 (3)
Mailing List Discussions for CVE-2018-10119 (1)
Other References for CVE-2018-10119 (6)
- https://gerrit.libreoffice.org/#/c/48751/x_refsource_MISC
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747x_refsource_MISC
- https://gerrit.libreoffice.org/#/c/48758/x_refsource_MISC
- https://gerrit.libreoffice.org/#/c/48757/x_refsource_MISC
Same Patch Batch · n/a · 2018-04-15 · 7 CVEs total
| CVE-2018-10121 | Monstra CMS 跨站脚本漏洞 | |
| CVE-2018-10120 | LibreOffice 输入验证错误漏洞 | |
| CVE-2018-9153 | Z-BlogPHP plugin upload组件安全漏洞 | |
| CVE-2018-9169 | Z-BlogPHP 跨站脚本漏洞 | |
| CVE-2018-10118 | Monstra CMS 跨站脚本漏洞 | |
| CVE-2018-10117 | idreamsoft iCMS 跨站请求伪造漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-10119
No comments yet