High severity7.8NVD Advisory· Published Nov 20, 2017· Updated Jun 17, 2026
CVE-2016-6804
CVE-2016-6804
Description
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*range: <4.1.3
- (no CPE)range: <4.1.3
- (no CPE)range: 4.0.0 to 4.1.2
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/93774nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1037016nvdThird Party AdvisoryVDB Entry
- www.openoffice.org/security/cves/CVE-2016-6804.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.