A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer.
References
Link | Resource |
---|---|
https://github.com/ONLYOFFICE/DocumentServer | Product |
https://github.com/ONLYOFFICE/core | Product Vendor Advisory |
https://github.com/ONLYOFFICE/core/blob/v6.0.1.15/ASCOfficePPTXFile/Editor/BinaryFileReaderWriter.cpp#L424 | Vendor Advisory |
https://github.com/ONLYOFFICE/core/blob/v6.0.1.15/ASCOfficePPTXFile/Editor/BinaryFileReaderWriter.cpp#L428 | Vendor Advisory |
https://github.com/ONLYOFFICE/core/blob/v6.0.1.15/DesktopEditor/cximage/CxImage/ximabmp.cpp#L354 | Vendor Advisory |
https://github.com/ONLYOFFICE/core/blob/v6.0.1.15/DesktopEditor/cximage/CxImage/ximabmp.cpp#L358 | Vendor Advisory |
https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25832 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-03-01 16:15
Updated : 2024-02-04 21:23
NVD link : CVE-2021-25832
Mitre link : CVE-2021-25832
CVE.ORG link : CVE-2021-25832
JSON object : View
Products Affected
onlyoffice
- document_server
CWE
CWE-787
Out-of-bounds Write