Download
| Alert*
oval:org.secpod.oval:def:601965
libreoffice is installed oval:org.secpod.oval:def:106597 libreoffice is installed oval:org.secpod.oval:def:18073 libreoffice subpackages are installed oval:org.secpod.oval:def:605111 libreoffice is installed oval:org.secpod.oval:def:1800126 libreoffice is installed oval:org.secpod.oval:def:603162 Marcin Noga discovered two vulnerabilities in LibreOffice, which could result in the execution of arbitrary code if a malformed PPT or DOC document is opened. oval:org.secpod.oval:def:107961 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:108155 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:31650 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a long DOC file, which triggers a buffer overflow. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:31651 The host is installed with LibreOffice before 4.4.6, 5.x before 5.0.1 or Apache OpenOffice before 4.1.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle an index to a non-existent bookmark in a DOC file. Successful exploitation could allo ... oval:org.secpod.oval:def:31648 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling ... oval:org.secpod.oval:def:31649 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer underflow vulnerability. A flaw is present in the applications, which fail to handle a crafted PrinterSetup data in an ODF document. Successful exploitation could allow attackers to cause ... oval:org.secpod.oval:def:8176 The host is installed with OpenOffice.org 3.3.0 or prior or LibreOffice before 3.4.3 and is prone to denial of service vulnerability. A flaw is present in the applications, which fails to properly a handle crafted DOC file that can trigger an out-of-bounds read. Successful exploitation allows remote ... oval:org.secpod.oval:def:110466 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:7976 The host is installed with LibreOffice 3.5.x before 3.5.7.2 or 3.6.x before 3.6.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted odt file to vcllo.dll, ODG (Drawing document) file to svxcorelo.dll, PolyPolygon record in a .wmf ( ... oval:org.secpod.oval:def:63275 LibreOffice 6.4.x is installed oval:org.secpod.oval:def:66773 libreoffice is installed oval:org.secpod.oval:def:7152 LibreOffice is installed oval:org.secpod.oval:def:26778 The host is installed with LibreOffice before 4.3.7, 4.4.x before 4.4.2 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:204755 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:203785 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:110838 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:40419 The host is installed with LibreOffice before 5.1.6 or 5.2.x before 5.2.2 and is prone to an arbitrary file disclosure vulnerability. A flaw is present in the application, which fails to handle embedded object. Successful exploitation could allow remote attackers to expose details of the environment ... oval:org.secpod.oval:def:40421 The host is installed with LibreOffice before 5.2.5 and is prone to a heap-buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted wmf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:40420 The host is installed with LibreOffice before 5.2.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted emf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:204667 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:204473 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1505640 [1:6.4.7.2-10.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor="Oracle America, Inc." - Added the --with-hamcrest option to configure. [1:6.4.7.2-10] - Related: rhbz#2029810 bump n-v-r [1:6.4.7.2-9] - Related: rhbz#2029810 set NoDisplay=true for .desktop on s390 ... oval:org.secpod.oval:def:1800734 Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents can be constructed which dereference an iterator to the first entry of an empty STL container. Fixed in libreoffice 5.1.4, libreoffice 5.2.0 oval:org.secpod.oval:def:1800918 CVE-2017-7870 Heap-buffer-overflow in WMF polygon processing Windows Metafiles can contain polygons which under certain circumstances when processed can result in output polygons which have too many points to be represented by LibreOffice"s internal polygon class. Fixed in LibreOffice 5.2.5/5.3.0 ... oval:org.secpod.oval:def:1800125 Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents can be constructed which dereference an iterator to the first entry of an empty STL container. Fixed In: libreoffice 5.1.4, libreoffice 5.2.0 oval:org.secpod.oval:def:21792 The host is installed with LibreOffice before 4.3.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file. Successful exploitation could allow attackers to cause a denial of service (invalid write operation and crash) and poss ... oval:org.secpod.oval:def:4754 LibreOffice is installed oval:org.secpod.oval:def:503589 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:26859 The host is installed with LibreOffice before 4.3.7001, 4.4.x before 4.4.2002 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to c ... oval:org.secpod.oval:def:31652 The host is installed with LibreOffice before 4.4.5001 or Apache OpenOffice before 4.1.2 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handl ... oval:org.secpod.oval:def:31653 The host is installed with LibreOffice before 4.4.5001 or Apache OpenOffice before 4.1.2 and is prone to an integer underflow vulnerability. A flaw is present in the applications, which fail to handle a crafted PrinterSetup data in an ODF document. Successful exploitation could allow attackers to ca ... oval:org.secpod.oval:def:31654 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a long DOC file, which triggers a buffer overflow. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:31655 The host is installed with LibreOffice before 4.4.6001, 5.x before 5.0.1002 or Apache OpenOffice before 4.1.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle an index to a non-existent bookmark in a DOC file. Successful exploitation coul ... oval:org.secpod.oval:def:40422 The host is installed with LibreOffice before 5.1.6002 or 5.2.x before 5.2.2002 or OpenOffice.org through 4.1.3 and is prone to an arbitrary file disclosure vulnerability. A flaw is present in the application, which fails to handle embedded object. Successful exploitation could allow remote attacker ... oval:org.secpod.oval:def:40423 The host is installed with LibreOffice before 5.2.5002 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted emf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:40424 The host is installed with LibreOffice before 5.2.5002 and is prone to a heap-buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted wmf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:204172 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:110214 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:602377 An anonymous contributor working with VeriSign iDefense Labs discovered that libreoffice, a full-featured office productivity suite, did not correctly handle Lotus WordPro files. This would enable an attacker to crash the program, or execute arbitrary code, by supplying a specially crafted LWP file. oval:org.secpod.oval:def:33068 The host is installed with LibreOffice before 5.0.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted LotusWordPro (lwp) document. Successful exploitation could allow remote attackers to cause a denial of service (memory corrup ... oval:org.secpod.oval:def:33067 The host is installed with LibreOffice before 5.0.5.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. Successful exploitation could allow remote attackers to cause a de ... oval:org.secpod.oval:def:1501647 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:501910 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:204219 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:23617 The host is installed with LibreOffice before 4.1.1 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle crafted OLE objects. Successful exploitation might allow remote attackers to embed arbitrary data into documents. oval:org.secpod.oval:def:107459 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:1500933 Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. oval:org.secpod.oval:def:107146 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:21525 The host is installed with LibreOffice 4.2.4 and is prone to a unspecified vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary code oval:org.secpod.oval:def:501517 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:7157 The host is installed with OpenOffice.org less than or equal to 3.4.0 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within ... oval:org.secpod.oval:def:7155 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7156 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:507290 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1506163 [6.4.7.2-11.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor=Oracle America, Inc. - Added the --with-hamcrest option to configure. [1:6.4.7.2-11] - Resolves: rhbz#2060559 CVE-2021-25636 oval:org.secpod.oval:def:202415 LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way Libr ... oval:org.secpod.oval:def:501724 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:203784 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:602270 Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents. Quoting from https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode ... oval:org.secpod.oval:def:1501266 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1501278 It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. oval:org.secpod.oval:def:108804 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:501609 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1501089 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:602062 It was discovered that missing input sanitising in Libreoffice"s filter for HWP documents may result in the execution of arbitrary code if a malformed document is opened. oval:org.secpod.oval:def:108835 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:204480 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:204224 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:204764 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:117089 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:4755 The host is installed with OpenOffice.org 3.3.0 or prior or LibreOffice before 3.4.3 and is prone to denial of service vulnerability. A flaw is present in the applications, which fail to properly a handle crafted DOC file that can trigger an out-of-bounds read. Successful exploitation allows remote ... oval:org.secpod.oval:def:47877 The host is installed with LibreOffice 6.x through 6.0.5002 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a realpath function in certain environments such as FreeBSD libc. Successful exploitation could allow attackers to cause ... oval:org.secpod.oval:def:57579 The host is installed with LibreOffice before 6.2.5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle the issue in stealth mode. Successful exploitation could allow attackers to construct documents containing hyperlinks pointin ... oval:org.secpod.oval:def:57580 The host is installed with LibreOffice before 6.2.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an issue in the LibreLogo. Successful exploitation could allow attackers to execute arbitrary python commands. oval:org.secpod.oval:def:71310 The host is installed with LibreOffice 6.1.0.3 or 6.1.3.2 and is prone to a signature validation bypass vulnerability. A flaw is present in the application, which fails to properly handle issues in signature validation. Successful exploitation could allow attackers to use the incremental saving feat ... oval:org.secpod.oval:def:71311 The host is installed with LibreOffice before 6.1.6 or 6.2.x before 6.2.3 and is prone to an improper input validation vulnerability. A flaw is present in the application, which fails to process a hyperlink target. Successful exploitation could allow attackers to launch executable targets unconditio ... oval:org.secpod.oval:def:7160 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7161 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:7162 The host is installed with OpenOffice.org less than or equal to 3.4 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within an ... oval:org.secpod.oval:def:1503812 Updated libreoffice packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is ... oval:org.secpod.oval:def:500862 LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way Libr ... oval:org.secpod.oval:def:88313 Two security issues have been discovered in LibreOffice"s support for digital signatures in ODF documents, which could result in incorrect signature indicators/timestamps being presented. oval:org.secpod.oval:def:76136 The host is installed with LibreOffice 7.0.x before 7.0.6 or 7.1.x before 7.1.2 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle digital signatures of ODF documents. Successful exploitation allows attackers to crea ... oval:org.secpod.oval:def:76137 The host is installed with LibreOffice 7.0.x before 7.0.6 or 7.1.x before 7.1.2 and is prone to an improper certificate validation vulnerability. A flaw is present in the application, which fails to properly handle digital signatures of ODF documents. Successful exploitation allows attackers to modi ... oval:org.secpod.oval:def:7977 The host is installed with LibreOffice 3.5.x before 3.5.7.2 or 3.6.x before 3.6.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted odt file to vcllo.dll, ODG (Drawing document) file to svxcorelo.dll, PolyPolygon record in a .wmf ( ... oval:org.secpod.oval:def:2500854 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:3300760 SUSE Security Update: Security update for libreoffice oval:org.secpod.oval:def:105773 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:703487 libreoffice: Office productivity suite LibreOffice could be made to disclose files if it opened a specially crafted file. oval:org.secpod.oval:def:51729 libreoffice: Office productivity suite LibreOffice could be made to disclose files if it opened a specially crafted file. oval:org.secpod.oval:def:36103 The host is installed with LibreOffice before 5.1.4002 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file, related to stylesheet and supercript tokens. Successful exploitation could allow remote attackers to execute arbitra ... oval:org.secpod.oval:def:502014 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:502019 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:35967 The host is installed with LibreOffice before 5.1.4.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file, related to stylesheet and supercript tokens. Successful exploitation could allow remote attackers to execute arbitrar ... oval:org.secpod.oval:def:1501833 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501838 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:602547 Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened. oval:org.secpod.oval:def:602784 Ben Hayak discovered that objects embedded in Writer and Calc documents may result in information disclosure. Please see https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ for additional information. oval:org.secpod.oval:def:502072 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1501995 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:112365 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:602860 It was discovered that a buffer overflow in processing Windows Metafiles may result in denial of service or the execution of arbitrary code if a malformed document is opened. oval:org.secpod.oval:def:114005 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:114365 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:114025 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:114326 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:1502146 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502154 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:44398 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:44394 The host is installed with LibreOffice before 5.4.5 or 6.0 before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:603268 Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document. oval:org.secpod.oval:def:603269 Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document. oval:org.secpod.oval:def:502239 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:502245 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1800421 LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can operate on that inserted data and constr ... oval:org.secpod.oval:def:53250 Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document. oval:org.secpod.oval:def:205261 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:50610 The host is installed with LibreOffice 6.0 before 6.0.7 or 6.1 before 6.1.3 or Apache OpenOffice through 4.1.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a directory traversal flaw. Successful exploitation could allow a ... oval:org.secpod.oval:def:50612 The host is installed with LibreOffice 6.0 before 6.0.7, 6.1 before 6.1.3 or OpenOffice through 4.1.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a directory traversal flaw. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:50618 It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system locatio ... oval:org.secpod.oval:def:115904 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:45294 The host is installed with LibreOffice before 5.4.6.1 or 6.x before 6.0.2.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly validate a customizations index. Successful exploitation could allow remote attackers to crash the ser ... oval:org.secpod.oval:def:45295 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle an incorrect integer data type in the StgSmallStrm class. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:503236 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:53308 Two vulnerabilities were discovered in LibreOffice"s code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. oval:org.secpod.oval:def:114402 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:2001262 An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XM ... oval:org.secpod.oval:def:603372 Two vulnerabilities were discovered in LibreOffice"s code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. oval:org.secpod.oval:def:53506 Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. oval:org.secpod.oval:def:603623 Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. oval:org.secpod.oval:def:69901 It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. oval:org.secpod.oval:def:604525 It was discovered that the code fixes for LibreOffice to address CVE-2019-9852 were not complete. Additional information can be found at https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/ oval:org.secpod.oval:def:69754 It was discovered that the code fixes for LibreOffice to address CVE-2019-9852 were not complete. Additional information can be found at https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/ oval:org.secpod.oval:def:205532 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:69892 Two security issues have been discovered in LibreOffice: CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. oval:org.secpod.oval:def:1701679 LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary p ... oval:org.secpod.oval:def:93350 Two security issues were discocvered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowlegded loading of linked documents within a floating frame. oval:org.secpod.oval:def:91467 libreoffice: Office productivity suite LibreOffice could be made to run arbitrary code if an empty entry to the java class path is configured. oval:org.secpod.oval:def:708089 libreoffice: Office productivity suite LibreOffice could be made to run arbitrary code if an empty entry to the java class path is configured. oval:org.secpod.oval:def:707753 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:2600132 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:88413 It was discovered that insufficient validation of vnd.libreoffice.command URI schemes could result in the execution of arbitrary macro commands. oval:org.secpod.oval:def:84996 The host is installed with LibreOffice 7.3.x before 7.3.6 or 7.4.x before 7.4.1 and is prone to an improper input validation vulnerability. A flaw is present in the application, which fails to properly handle office URI schemes. Successful exploitation allows attackers to call internal macros with a ... oval:org.secpod.oval:def:88609 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:85307 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:2500914 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:88493 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:88491 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:507491 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:5800032 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:85074 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:1506361 [6.4.7.2-12.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor=Oracle America, Inc. - Added the --with-hamcrest option to configure. [1:6.4.7.2-12] - Resolves: rhbz#2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz#2134751 CVE-2022-26307 Weak Master Keys - ... oval:org.secpod.oval:def:4501218 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1506374 [7.1.8.1-8.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Build with --with-vendor=Oracle America, Inc. - Added the --with-hamcrest option to configure. [1:7.1.8.1-8] - Resolves: rhbz#2134759 Untrusted Macros - Resolves: rhbz#2134757 Weak Master Keys - Resolves: rhbz#2134755 Static In ... oval:org.secpod.oval:def:3301279 SUSE Security Update: Security update for libreoffice oval:org.secpod.oval:def:2600373 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:3301556 Security update for libreoffice oval:org.secpod.oval:def:1701792 A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker oval:org.secpod.oval:def:2501231 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:118395 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:67983 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:2500166 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:707777 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:504731 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:2003977 If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice"s d ... oval:org.secpod.oval:def:2003979 LibreOffice has a "stealth mode" in which only documents from locations deemed "trusted" are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice"s ability to include remote resources within a document. A flaw existed wh ... oval:org.secpod.oval:def:2003978 ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for ... oval:org.secpod.oval:def:88471 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:126871 LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticate ... oval:org.secpod.oval:def:708672 libreoffice: Office productivity suite Details: USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:96793 libreoffice: Office productivity suite Details: USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Linux Mint 20.x LTS and Linux Mint 21.x LTS. Original advisory Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:708652 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:708223 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:610583 Two security issues were discocvered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowlegded loading of linked documents within a floating frame. oval:org.secpod.oval:def:91501 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:612865 Reginaldo Silva discovered two security vulnerabilities in LibreOffice, which could result in the execution of arbitrary scripts or Gstreamer plugins when opening a malformed file. oval:org.secpod.oval:def:3302107 Security update for libreoffice oval:org.secpod.oval:def:7159 The host is installed with OpenOffice 3.3 or LibreOffice before 3.4.6 or 3.5.x before 3.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle a crafted XML external entity (XXE) declaration and reference in an RDF document. Successfu ... oval:org.secpod.oval:def:7154 The host is installed with OpenOffice 3.3 or LibreOffice before 3.4.6 or 3.5.x before 3.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to handle a crafted XML external entity (XXE) declaration and reference in an RDF document. Successf ... oval:org.secpod.oval:def:98506 Reginaldo Silva discovered two security vulnerabilities in LibreOffice, which could result in the execution of arbitrary scripts or Gstreamer plugins when opening a malformed file. oval:org.secpod.oval:def:1507399 [1:7.1.8.1-12.0.1] - Replace colors with Oracle colors [Orabug: 32120093] - Added the --with-hamcrest option to configure. [1:7.1.8.1-12] - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols |