Description
In libexpat through 2.4.9, there is a use-after free caused by overeager
destruction of a shared DTD in XML_ExternalEntityParserCreate in
out-of-memory situations.
Severity: Moderate
There are no known exploits of this vulnerability.
A proof-of-concept demonstration does not exist.
Thanks to the reporter for discovering this issue.
Vendor: The Apache Software Foundation
Versions Affected
All Apache OpenOffice versions 4.1.14 and older are affected.
OpenOffice.org versions may also be affected.
Mitigation
Install Apache OpenOffice 4.1.15 for the latest maintenance and
cumulative security fixes. Use the Apache OpenOffice download page.
Acknowledgments
n/a
References:
https://www.cve.org/CVERecord?id=CVE-2022-43680
https://www.openoffice.org/security/cves/CVE-2022-43680.html
https://openoffice.apache.org/
