CVSS: 7.8EPSS: 17%CPEs: 5EXPL: 0CVE-2016-4324 – Debian Security Advisory 3608-1
https://notcve.org/view.php?id=CVE-2016-4324
30 Jun 2016 — Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. Vulnerabilidad de uso después de liberación de memoria en LibreOffice en versiones anteriores a 5.1.4 permite a atacantes remotos ejecutar código arbitrario a través de un archivo RTF manipulado, relacionado con los tokens stylesheet y superscript. It was discovered that LibreOffice incorrectly handled RTF document files. If a user w... • http://www.debian.org/security/2016/dsa-3608 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 2%CPEs: 4EXPL: 0CVE-2016-0794 – libreoffice: Multiple out-of-bounds overflows in lwp filter
https://notcve.org/view.php?id=CVE-2016-0794
16 Feb 2016 — The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. El filtro lwp en LibreOffice en versiones anteriores a 5.0.4 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un documento LotusWordPro (lwp) manipulado. Multiple flaws were found in the Lotus Word Pro (LWP) docu... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 4EXPL: 0CVE-2016-0795 – libreoffice: Multiple out-of-bounds overflows in lwp filter
https://notcve.org/view.php?id=CVE-2016-0795
16 Feb 2016 — LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. LibreOffice en versiones anteriores a 5.0.5 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un registro LwpTocSuperLayout manipulado en un documento LotusWordPro (lwp). Multiple flaws were found in t... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-4551 – libreoffice: Arbitrary file disclosure in Calc and Writer
https://notcve.org/view.php?id=CVE-2015-4551
06 Nov 2015 — LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 usa la información de configuración LinkUpdateMode almacenada en archivos OpenDo... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 7%CPEs: 7EXPL: 0CVE-2015-5212 – libreoffice: Integer underflow in PrinterSetup length
https://notcve.org/view.php?id=CVE-2015-5212
06 Nov 2015 — Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2, cuando está habilitado el ajuste de conf... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-5213 – libreoffice: Integer overflow in DOC files
https://notcve.org/view.php?id=CVE-2015-5213
06 Nov 2015 — Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de la aplicación) o posiblemente ... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-5214 – libreoffice: Bookmarks in DOC documents are insufficiently checked causing memory corruption
https://notcve.org/view.php?id=CVE-2015-5214
06 Nov 2015 — LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. LibreOffice en versiones anteriores a 4.4.6 y 5.x en versiones anteriores a 5.0.1 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o ejecutar... • http://rhn.redhat.com/errata/RHSA-2015-2619.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •
CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 0CVE-2015-1774 – libreoffice: HWP file filter vulnerability
https://notcve.org/view.php?id=CVE-2015-1774
25 Apr 2015 — The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. El filtro HWP en LibreOffice anterior a 4.3.7 y 4.4.x anterior a 4.4.2 y Apache OpenOffice anterior a 4.1.2 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento HWP... • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 0CVE-2014-9093 – Gentoo Linux Security Advisory 201603-05
https://notcve.org/view.php?id=CVE-2014-9093
26 Nov 2014 — LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. LibreOffice anterior a 4.3.5 permite a atacantes remotos causar una denegación de servicio (operación de escritura inválida y caída) y posiblemente ejecutar código arbitrario a través de un fichero RTF manipulado. Alexander Cherepanov discovered that LibreOffice incorrectly handled certain RTF files. If a user were tricked into opening ... • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 66%CPEs: 27EXPL: 0CVE-2014-3693 – libreoffice: Use-After-Free in socket manager of Impress Remote
https://notcve.org/view.php?id=CVE-2014-3693
05 Nov 2014 — Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. Vulnerabilidad de uso después de liberación en el gestor del socket de Impress Remote en LibreOffice 4.x anterior a 4.2.7 y 4.3.x anterior a 4.3.3 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbi... • http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html • CWE-416: Use After Free •