High severity7.8NVD Advisory· Published Nov 20, 2017· Updated Jun 17, 2026
CVE-2017-9806
CVE-2017-9806
Description
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*range: <4.1.4
- (no CPE)range: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand
- Range: <4.1.4
Patches
Vulnerability mechanics
References
2- www.openoffice.org/security/cves/CVE-2017-9806.htmlnvdVendor Advisory
- www.securityfocus.com/bid/101585nvdBroken LinkThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.