High severity7.5NVD Advisory· Published Sep 9, 2017· Updated Jun 17, 2026
CVE-2017-14226
CVE-2017-14226
Description
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*range: <=5.3.6
- (no CPE)range: <5.3.7
- Range: <0.10.1
- osv-coords6 versionspkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2pkg:rpm/suse/libwpd&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 0.10.2-2.4.1+ 5 more
- (no CPE)range: < 0.10.2-2.4.1
- (no CPE)range: < 0.10.2-2.4.1
- (no CPE)range: < 0.10.2-2.4.1
- (no CPE)range: < 0.10.2-2.4.1
- (no CPE)range: < 0.10.2-2.4.1
- (no CPE)range: < 0.10.2-2.4.1
Patches
Vulnerability mechanics
References
6- sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/nvdPatchThird Party Advisory
- sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/nvdPatchThird Party Advisory
- bugs.documentfoundation.org/show_bug.cginvdIssue TrackingThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- cgit.freedesktop.org/libreoffice/core/commit/nvdMailing ListThird Party Advisory
- sourceforge.net/p/libwpd/tickets/14/nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.