This issue could result in remote code execution depending on the installation environment. The issue was resolved by updating to version 3.4.11, as announced on May 15, 2018. CVE-2018-18057 An issue was discovered in OpenOffice.org (OOo) where malformed XFA forms could result in a denial of service. The XFA parsing code was modified to reject invalid XFA documents. This issue only affects 64-bit installations of OOo. The issue was resolved by upgrading to version 4.1.6. CVE-2018-18075 An issue was discovered in OpenOffice.org (OOo) where an unauthenticated remote attacker may be able to cause denial of service. The issue was resolved by upgrading to version 4.1.6. CVE-2018-18076 An issue was discovered in OpenOffice.org (OOo) where an authenticated remote attacker may be able to cause a denial of service. The issue was resolved by upgrading to version 4.1.6. CVE-2018-18077 An issue was discovered in OpenOffice.org (OOo) where an authenticated remote attacker may be able to cause a denial of service. The issue was resolved by upgrading to version 4.1.6. CVE-2018-18078 An issue was discovered in OpenOffice.org (OOo) where an authenticated remote attacker may be able to cause a denial of service. The issue was resolved by upgrading to version

Two vulnerabilities have been confirmed in the OpenOffice.org (OOo)

3.4.11 release
CVE-2018-18079 An issue was discovered in OpenOffice.org (OOo) where an authenticated remote attacker may be able to cause a denial of service. The issue was resolved by upgrading to version 4.1.6.

Timeline

Published on: 09/22/2022 17:15:00 UTC
Last modified on: 09/23/2022 03:02:00 UTC

References