vulnerability

Apache OpenOffice: CVE-2021-33035: Buffer overflow from a crafted DBF file

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Sep 23, 2021	Sep 12, 2025	Sep 12, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Sep 23, 2021

Added

Sep 12, 2025

Modified

Sep 12, 2025

Description

Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10

Solution

apache-openoffice-upgrade-latest

References

CWE-120
CVE-2021-33035
https://attackerkb.com/topics/CVE-2021-33035
URL-https://www.openoffice.org/security/cves/CVE-2021-33035.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today