Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0 | Mailing List Vendor Advisory |
https://www.openoffice.org/security/cves/CVE-2022-38745.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2023-03-24T15:56:48.549Z
Updated: 2023-03-24T15:56:48.549Z
Reserved: 2022-08-25T07:16:01.549Z
Link: CVE-2022-38745
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-24T16:15:08.130
Modified: 2023-11-07T03:50:14.410
Link: CVE-2022-38745
JSON object: View
Redhat Information
No data.