CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-7856
https://notcve.org/view.php?id=CVE-2017-7856
14 Apr 2017 — LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. LibreOffice en versiones anteriores a 11-03-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en la función SVMConverter::ImplConvertFromSVM1 en vcl/source/gdi/svmconverter.cxx • http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-7870 – libreoffice: Heap-buffer-overflow in tools::Polygon::Insert
https://notcve.org/view.php?id=CVE-2017-7870
14 Apr 2017 — LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. LibreOffice en versiones anteriores a 02-01-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función tools::Polygon::Insert en tools/source/generic/poly.cxx An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing... • http://www.debian.org/security/2017/dsa-3837 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2016-4324 – Debian Security Advisory 3608-1
https://notcve.org/view.php?id=CVE-2016-4324
30 Jun 2016 — Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. Vulnerabilidad de uso después de liberación de memoria en LibreOffice en versiones anteriores a 5.1.4 permite a atacantes remotos ejecutar código arbitrario a través de un archivo RTF manipulado, relacionado con los tokens stylesheet y superscript. It was discovered that LibreOffice incorrectly handled RTF document files. If a user w... • http://www.debian.org/security/2016/dsa-3608 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0794 – libreoffice: Multiple out-of-bounds overflows in lwp filter
https://notcve.org/view.php?id=CVE-2016-0794
16 Feb 2016 — The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. El filtro lwp en LibreOffice en versiones anteriores a 5.0.4 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un documento LotusWordPro (lwp) manipulado. Multiple flaws were found in the Lotus Word Pro (LWP) docu... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0795 – libreoffice: Multiple out-of-bounds overflows in lwp filter
https://notcve.org/view.php?id=CVE-2016-0795
16 Feb 2016 — LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. LibreOffice en versiones anteriores a 5.0.5 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un registro LwpTocSuperLayout manipulado en un documento LotusWordPro (lwp). Multiple flaws were found in t... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 23%CPEs: 7EXPL: 0CVE-2015-5212 – libreoffice: Integer underflow in PrinterSetup length
https://notcve.org/view.php?id=CVE-2015-5212
06 Nov 2015 — Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2, cuando está habilitado el ajuste de conf... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 8%CPEs: 7EXPL: 0CVE-2015-5213 – libreoffice: Integer overflow in DOC files
https://notcve.org/view.php?id=CVE-2015-5213
06 Nov 2015 — Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de la aplicación) o posiblemente ... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 10%CPEs: 7EXPL: 0CVE-2015-5214 – libreoffice: Bookmarks in DOC documents are insufficiently checked causing memory corruption
https://notcve.org/view.php?id=CVE-2015-5214
06 Nov 2015 — LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. LibreOffice en versiones anteriores a 4.4.6 y 5.x en versiones anteriores a 5.0.1 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o ejecutar... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2015-4551 – libreoffice: Arbitrary file disclosure in Calc and Writer
https://notcve.org/view.php?id=CVE-2015-4551
06 Nov 2015 — LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 usa la información de configuración LinkUpdateMode almacenada en archivos OpenDo... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 33%CPEs: 13EXPL: 0CVE-2015-1774 – libreoffice: HWP file filter vulnerability
https://notcve.org/view.php?id=CVE-2015-1774
25 Apr 2015 — The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. El filtro HWP en LibreOffice anterior a 4.3.7 y 4.4.x anterior a 4.4.2 y Apache OpenOffice anterior a 4.1.2 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento HWP... • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •