Page 4 of 42 results (0.009 seconds)

CVSS: 9.8EPSS: 59%CPEs: 22EXPL: 2

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. LibreOffice, en versiones anteriores a la 5.4.5 y versiones 6.x anteriores a la 6.0.1, permite que atacantes remotos lean archivos arbitrarios mediante llamadas =WEBSERVICE en un documento, que emplea la función COM.MICROSOFT.WEBSERVICE. A flaw was found in libreoffice before 5.4.5 and before 6.0.1. Arbitrary remote file disclosure may be achieved by the use of the WEBSERVICE formula in a specially crafted ODS file. LibreOffice suffers from a remote arbitrary file disclosure vulnerability. • https://www.exploit-db.com/exploits/44022 https://access.redhat.com/errata/RHSA-2018:0418 https://access.redhat.com/errata/RHSA-2018:0517 https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5&id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure https://usn.ubuntu.com/3579-1 https://www.debian.org/security/2018/dsa-4111 https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055 https://access.red • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. WP1StylesListener.cpp, WP5StylesListener.cpp, y WP42StylesListener.cpp en libwpd 0.10.1 no gestiona iteradores correctamente, lo que permite que atacantes remotos provoquen una denegación de servicio (sobrelectura de búfer basada en montículos en la clase WPXTableList en WPXTable.cpp). Esta vulnerabilidad puede desencadenarse en LibreOffice en versiones anteriores a la 5.3.7. • https://bugs.documentfoundation.org/show_bug.cgi?id=112269 https://bugzilla.redhat.com/show_bug.cgi?id=1489337 https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9 https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5 https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3 https://sourceforge.net/p/libwpd/tickets/14 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. LibreOffice anterior al 17-03-2017 tiene una escritura fuera de rango causada por un desbordamiento de búfer basado en memoria dinámica, relacionado con la función ReadJPEG en vcl/source/filter/jpeg/jpegc.cxx. • http://www.securityfocus.com/bid/98395 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889 https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. LibreOffice en versiones anteriores a 14-03-2017 tiene una escritura fuera de límites relacionada con la función HWPFile::TagsRead en hwpfilter/source/hwpfile.cxx. • http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882 http://www.securityfocus.com/bid/97684 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860 https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0

LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. LibreOffice en versiones anteriores a 02-01-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función tools::Polygon::Insert en tools/source/generic/poly.cxx An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing Polygon images. By tricking a user into opening a specially crafted LibreOffice file, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. • http://www.debian.org/security/2017/dsa-3837 http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870 http://www.securityfocus.com/bid/97671 http://www.securitytracker.com/id/1039029 https://access.redhat.com/errata/RHSA-2017:1975 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372 https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722 https://security.gentoo.org/glsa/201706-28 https://access.redhat.com/security/cve/CVE-2017-7870 https: • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •