Page 127 of 1121 results (0.013 seconds)

CVSS: 6.8EPSS: 7%CPEs: 7EXPL: 0

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2, cuando está habilitado el ajuste de configuración 'Load printer settings with the document', permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de datos PrinterSetup manipulados en un documento ODF. An integer underflow flaw leading to a heap-based buffer overflow when parsing PrinterSetup data was discovered. By tricking a user into opening a specially crafted document, an attacker could possibly exploit this flaw to execute arbitrary code with the privileges of the user opening the file. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212 http://www.openoffice.org/security/cves/CVE-2015-5212.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034085 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 6.8EPSS: 2%CPEs: 7EXPL: 0

LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. LibreOffice en versiones anteriores a 4.4.6 y 5.x en versiones anteriores a 5.0.1 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o ejecutar código arbitrario a través de un índice a un marcador inexistente en un documento DOC. It was discovered that LibreOffice did not properly sanity check bookmark indexes. By tricking a user into opening a specially crafted document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214 http://www.openoffice.org/security/cves/CVE-2015-5214.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034086 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 usa la información de configuración LinkUpdateMode almacenada en archivos OpenDocument Format y plantillas cuando maneja enlaces, lo que podría permitir a atacantes remotos obtener información sensible a través de un documento manipulado, lo que incrusta datos desde archivos locales a (1) Calc o (2) Writer. It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551 http://www.openoffice.org/security/cves/CVE-2015-4551.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034085 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 1%CPEs: 7EXPL: 0

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de un archivo DOC extenso, lo que desencadena un desbordamiento de buffer. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word .doc files. By tricking a user into opening a specially crafted Microsoft Word .doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213 http://www.openoffice.org/security/cves/CVE-2015-5213.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034085 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 4%CPEs: 7EXPL: 0

Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. Info-ZIP UnZip 6.0 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de dato bzip2 vacío en un archivo ZIP. • http://sourceforge.net/p/infozip/patches/23 http://www.debian.org/security/2015/dsa-3386 http://www.openwall.com/lists/oss-security/2015/09/07/4 http://www.openwall.com/lists/oss-security/2015/09/15/6 http://www.openwall.com/lists/oss-security/2015/10/11/5 http://www.securityfocus.com/bid/76863 http://www.securitytracker.com/id/1034027 http://www.ubuntu.com/usn/USN-2788-1 http://www.ubuntu.com/usn/USN-2788-2 • CWE-399: Resource Management Errors •