CVE-2016-6803

Summary

An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache OpenOffice4.0.0 to 4.1.2affected
Apache Software FoundationApache OpenOfficeOlder versions, including some using the previous OpenOffice.org brand, are also affected.affected

Weaknesses

  • Trojan Execution (on previously infected system)

ADP Enrichment

CVE Program Container

Additional References

References