CVSS: 6.8EPSS: 2%CPEs: 7EXPL: 0CVE-2015-5214 – libreoffice: Bookmarks in DOC documents are insufficiently checked causing memory corruption
https://notcve.org/view.php?id=CVE-2015-5214
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. LibreOffice en versiones anteriores a 4.4.6 y 5.x en versiones anteriores a 5.0.1 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de la aplicación) o ejecutar código arbitrario a través de un índice a un marcador inexistente en un documento DOC. It was discovered that LibreOffice did not properly sanity check bookmark indexes. By tricking a user into opening a specially crafted document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214 http://www.openoffice.org/security/cves/CVE-2015-5214.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034086 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-129: Improper Validation of Array Index •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2015-4551 – libreoffice: Arbitrary file disclosure in Calc and Writer
https://notcve.org/view.php?id=CVE-2015-4551
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 usa la información de configuración LinkUpdateMode almacenada en archivos OpenDocument Format y plantillas cuando maneja enlaces, lo que podría permitir a atacantes remotos obtener información sensible a través de un documento manipulado, lo que incrusta datos desde archivos locales a (1) Calc o (2) Writer. It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. • http://rhn.redhat.com/errata/RHSA-2015-2619.html http://www.debian.org/security/2015/dsa-3394 http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551 http://www.openoffice.org/security/cves/CVE-2015-4551.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/77486 http://www.securitytracker.com/id/1034085 http://www.securitytracker.com/id/1034091 http://www.ubuntu.com/usn/USN-2793-1 https://s • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 1%CPEs: 13EXPL: 0CVE-2015-1774 – libreoffice: HWP file filter vulnerability
https://notcve.org/view.php?id=CVE-2015-1774
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. El filtro HWP en LibreOffice anterior a 4.3.7 y 4.4.x anterior a 4.4.2 y Apache OpenOffice anterior a 4.1.2 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento HWP manipulado, lo cual provoca una escritura fuera de rango. A flaw was found in the way the LibreOffice HWP (Hangul Word Processor) file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that document. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html http://rhn.redhat.com/errata/RHSA-2015-1458.html http://www.debian.org/security/2015/dsa-3236 http://www.openoffice.org/security/cves/CVE-2015-1774.html http://www.securityfocus.com/bid/74338 http://www.securitytracker.com/id/1032205 http://www.securitytracker.com&# • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •
CVSS: 7.5EPSS: 6%CPEs: 6EXPL: 0CVE-2014-9093
https://notcve.org/view.php?id=CVE-2014-9093
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. LibreOffice anterior a 4.3.5 permite a atacantes remotos causar una denegación de servicio (operación de escritura inválida y caída) y posiblemente ejecutar código arbitrario a través de un fichero RTF manipulado. • http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html http://www.debian.org/security/2015/dsa-3163 http://www.openwall.com/lists/oss-security/2014/11/19/3 http://www.openwall.com/lists/oss-security/2014/11/26/7 http://www.ubuntu.com/usn/USN-2578-1 https://bugs.freedesktop.org/show_bug.cgi?id=86449 https://security.gentoo.org/glsa/201603-05 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3575 – openoffice: Arbitrary file disclosure via crafted OLE objects
https://notcve.org/view.php?id=CVE-2014-3575
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects. La generación de previsualizaciones OLE en Apache OpenOffice anterior a 4.1.1 y OpenOffice.org (OOo) podría permitir a atacantes remotos embeber datos arbitrarios en documentos a través de objetos OLE manipulados. A flaw was found in the OLE (Object Linking and Embedding) generation in LibreOffice. An attacker could use this flaw to embed malicious OLE code in a LibreOffice document, allowing for arbitrary code execution. • http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html http://rhn.redhat.com/errata/RHSA-2015-0377.html http://secunia.com/advisories/59600 http://secunia.com/advisories/59877 http://www.openoffice.org/security/cves/CVE-2014-3575.html http://www.securityfocus.com/bid/69354 http://www.securitytracker.com/id/103075 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •