CVE-2020-11535

An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-controlled parameter into the x2t binary, to rewrite this binary and/or libxcb.so.1, and execute code on a victim's server.
Configurations

Configuration 1

cpe:2.3:a:onlyoffice:document_server:5.5.0:*:*:*:*:*:*:*

Information

Published : 2020-04-15 03:15

Updated : 2020-04-22 06:58


NVD link : CVE-2020-11535

Mitre link : CVE-2020-11535

Products Affected
No products.
CWE