VDB
CVE-2021-33035
CVE-2021-33035
REJECTED
Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10
EPSS 4.61% · 89.5th percentile
Risk Scores
EPSS Score
4.61%
89.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | libreoffice | 0, 1:5.4.1-0ubuntu1, 1:5.4.1-0ubuntu3 |
Timeline
- Sep 23, 2021 CVE Published
- Sep 24, 2021 EPSS Score
- Oct 8, 2021 EPSS Score
- Nov 20, 2021 EPSS Score
- Jan 16, 2022 EPSS Score
- Mar 15, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 7, 2022 EPSS Score
- Oct 30, 2022 EPSS Score
- Feb 22, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 20, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-33035 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-33035 third-party-advisory