CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat

2023-12-29 Thread Marcus

Description

In libexpat through 2.4.9, there is a use-after free caused by overeager 
destruction of a shared DTD in XML_ExternalEntityParserCreate in 
out-of-memory situations.


Severity: Moderate

There are no known exploits of this vulnerability.
A proof-of-concept demonstration does not exist.

Thanks to the reporter for discovering this issue.

Vendor: The Apache Software Foundation

Versions Affected

All Apache OpenOffice versions 4.1.14 and older are affected.
OpenOffice.org versions may also be affected.

Mitigation

Install Apache OpenOffice 4.1.15 for the latest maintenance and 
cumulative security fixes. Use the Apache OpenOffice download page.


Acknowledgments

n/a

References:

https://www.cve.org/CVERecord?id=CVE-2022-43680
https://www.openoffice.org/security/cves/CVE-2022-43680.html
https://openoffice.apache.org/


CVE-2022-43680: Apache OpenOffice: "Use after free" fixed in libexpat

2023-12-28 Thread Arrigo Marchiori
Severity: Moderate

Affected versions:

- Apache OpenOffice through 4.1.15

Description:

In libexpat through 2.4.9, there is a use-after free caused by
overeager destruction of a shared DTD in
XML_ExternalEntityParserCreate in out-of-memory situations.

References:
https://openoffice.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-43680
-- 
Arrigo