CVE-2025-64406

4.3 MEDIUM

📋 TL;DR

An out-of-bounds write vulnerability in Apache OpenOffice allows attackers to craft malicious documents that could crash the program or corrupt memory. This affects all users running Apache OpenOffice versions through 4.1.15. The vulnerability could potentially lead to arbitrary code execution or denial of service.

💻 Affected Systems

Products:
  • Apache OpenOffice
Versions: through 4.1.15
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Arbitrary code execution leading to full system compromise, data theft, or ransomware deployment.

🟠 Likely Case: Application crash (denial of service) or memory corruption causing data loss in open documents.

🟢 If Mitigated: Limited to application crash if memory corruption doesn't lead to code execution.

🌐 Internet-Facing: LOW (OpenOffice is typically desktop software, not internet-facing)
🏢 Internal Only: MEDIUM (Requires user interaction to open malicious document, but common in office environments)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious document. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.1.16

Vendor Advisory: https://www.openoffice.org/security/cves/CVE-2025-64406.html

Restart Required: Yes

Instructions:

1. Download Apache OpenOffice 4.1.16 from the official website.
2. Close all OpenOffice applications.
3. Run the installer and follow the upgrade prompts.
4. Restart the computer after installation completes.

🔧 Temporary Workarounds

Disable document macros/scripts

all

Configure OpenOffice to disable automatic execution of macros and scripts in documents

Use alternative office suite

all

Temporarily use LibreOffice or Microsoft Office while waiting to patch

🧯 If You Can't Patch

  • Restrict document sources to trusted senders only
  • Implement application whitelisting to block OpenOffice execution

🔍 How to Verify

Check if Vulnerable:

Check Help → About Apache OpenOffice and verify version is 4.1.15 or earlier

Check Version:

  • Windows: "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe" --version
  • Linux: ooffice --version
  • macOS: /Applications/OpenOffice.app/Contents/MacOS/soffice --version

Verify Fix Applied:

Verify version shows 4.1.16 or later in Help → About Apache OpenOffice

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from OpenOffice
  • Unexpected process termination events

Network Indicators:

  • Unusual document downloads from untrusted sources

SIEM Query:

(EventID=1000 OR EventID=1001) AND (ProcessName="soffice.exe" OR ProcessName="soffice.bin")
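
The crash-event filter above, written out as an added example (not part of the original advisory or any vendor tooling) to show why the event-ID and process-name terms need explicit grouping. The `Host` field and all sample records are constructed assumptions; `EventID` and `ProcessName` follow the query.

```python
from collections import Counter

# Event IDs and process names taken from the SIEM query above.
CRASH_EVENT_IDS = {1000, 1001}
OPENOFFICE_PROCESSES = {"soffice.exe", "soffice.bin"}

# Constructed sample records. EventID and ProcessName follow the query;
# the Host field and all values are assumptions for illustration.
SAMPLE_EVENTS = [
    {"Host": "ws-01", "EventID": 1000, "ProcessName": "soffice.bin"},
    {"Host": "ws-01", "EventID": 1001, "ProcessName": "soffice.exe"},
    {"Host": "ws-02", "EventID": 1000, "ProcessName": "chrome.exe"},
    {"Host": "ws-03", "EventID": 4688, "ProcessName": "soffice.bin"},
    {"Host": "ws-02", "EventID": 1001, "ProcessName": "soffice.bin"},
    {"Host": "ws-04", "EventID": 1001, "ProcessName": "winword.exe"},
]


def is_openoffice_crash(event):
    """Grouped form: (crash event ID) AND (OpenOffice process)."""
    name = str(event.get("ProcessName", "")).lower()
    return event.get("EventID") in CRASH_EVENT_IDS and name in OPENOFFICE_PROCESSES


def ungrouped_match(event):
    """The same terms without parentheses, as evaluated by a query
    language in which AND binds tighter than OR."""
    eid, name = event.get("EventID"), event.get("ProcessName")
    return eid == 1000 or (eid == 1001 and name == "soffice.exe") or name == "soffice.bin"


def crashes_per_host(events):
    """Count OpenOffice crash events per host to surface repeat crashes."""
    return Counter(e["Host"] for e in events if is_openoffice_crash(e))


if __name__ == "__main__":
    grouped = [e for e in SAMPLE_EVENTS if is_openoffice_crash(e)]
    loose = [e for e in SAMPLE_EVENTS if ungrouped_match(e)]
    print(f"grouped filter: {len(grouped)} events, ungrouped: {len(loose)} events")
    for host, count in crashes_per_host(SAMPLE_EVENTS).most_common():
        print(f"{host}: {count} OpenOffice crash event(s)")
```

Without grouping, the unrelated `chrome.exe` crash and the non-crash `soffice.bin` event both match, which inflates alert volume and hides the hosts with repeated OpenOffice crashes.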
