CVE-2018-11790: Apache OpenOffice: Arithmetic overflow and wrap around during string length calculation

[Peter Kovacs <Petko () Apache org>]

CVE-2018-11790 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-11790>

Apache OpenOffice Advisory
<https://www.openoffice.org/security/cves/CVE-2018-11790.html>

*CVE-2018-11790 Arithmetic overflow and wrap around during sting length
calculation *

*Fixed in Apache OpenOffice 4.1.6*

*Description*

When loading a document with smaller end line termination then the
operating system uses, the defect occurs. In this case OpenOffice runs
into an Arithmetic Overflow at a string length calculation.

*Severity: Medium*

There are no known exploits of this vulnerability.
A proof-of-concept demonstration exists.
ssd-disclosure <https://ssd-disclosure.com/index.php/archives/3758>

Thanks to the reporter for discovering this issue.

*Vendor: The Apache Software Foundation*

*Versions Affected*

All Apache OpenOffice versions 4.1.5 and older are affected.
OpenOffice.org versions are also affected.

*Mitigation*

Install Apache OpenOffice 4.1.6 for the latest maintenance and
cumulative security fixes. Use the Apache OpenOffice download page
<https://www.openoffice.org/download/>.

*Further Information*

For additional information and assistance, consult the Apache OpenOffice
Community Forums <https://forum.openoffice.org/> or make requests to the
users () openoffice apache org <mailto:users () openoffice apache org> public
mailing list.

The latest information on Apache OpenOffice security bulletins can be
found at the Bulletin Archive page
<https://www.openoffice.org/security/bulletin.html>.

------------------------------------------------------------------------

Security Home <http://security.openoffice.org> -> Bulletin
<http://www.openoffice.org/security/bulletin.html> -> CVE-2018-11790
<https://www.openoffice.org/security/cves/CVE-2018-11790.html>