Apache OpenOffice < 4.1.14 Multiple Vulnerabilities (macOS)

high Nessus Plugin ID 173740


The remote Mac OSX host has an application installed that is affected by multiple vulnerabilities.


The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.14. It is, therefore, affected by multiple vulnerabilities:

- libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674)

- Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. (CVE-2022-38745)

- Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution. (CVE-2022-47052)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Upgrade to Apache OpenOffice version 4.1.14 or later.

See Also





Plugin Details

Severity: High

ID: 173740

File Name: macos_openoffice_4114.nasl

Version: 1.3

Type: local

Agent: macosx

Published: 3/31/2023

Updated: 1/5/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-40674


Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:openoffice

Required KB Items: installed_sw/OpenOffice

Exploit Ease: No known exploits are available

Patch Publication Date: 2/27/2023

Vulnerability Publication Date: 2/27/2023

Reference Information

CVE: CVE-2022-38745, CVE-2022-40674, CVE-2022-47502

IAVA: 2023-A-0160-S