Description


Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.

Related CPE's


Weaknesses



CWE-94CWE-427CWE-1188

CVSS impact metrics


CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-03-24T16:15:08.130

2 years ago

Last modified

2025-02-13T15:15:11.950

5 months ago