Download
| Alert*
|
oval:org.secpod.oval:def:7976
The host is installed with LibreOffice 3.5.x before 3.5.7.2 or 3.6.x before 3.6.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted odt file to vcllo.dll, ODG (Drawing document) file to svxcorelo.dll, PolyPolygon record in a .wmf ( ... oval:org.secpod.oval:def:204755 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:7157 The host is installed with OpenOffice.org less than or equal to 3.4.0 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within ... oval:org.secpod.oval:def:7155 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7156 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:202415 LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way Libr ... oval:org.secpod.oval:def:204764 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:7160 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7161 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:500862 LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way Libr ... oval:org.secpod.oval:def:7162 The host is installed with OpenOffice.org less than or equal to 3.4 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within an ... oval:org.secpod.oval:def:7977 The host is installed with LibreOffice 3.5.x before 3.5.7.2 or 3.6.x before 3.6.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted odt file to vcllo.dll, ODG (Drawing document) file to svxcorelo.dll, PolyPolygon record in a .wmf ( ... oval:org.secpod.oval:def:1800421 LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can operate on that inserted data and constr ... oval:org.secpod.oval:def:502239 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:44398 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:1502146 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:44394 The host is installed with LibreOffice before 5.4.5 or 6.0 before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:53250 Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document. oval:org.secpod.oval:def:502245 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extend ... oval:org.secpod.oval:def:1502154 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:45294 The host is installed with LibreOffice before 5.4.6.1 or 6.x before 6.0.2.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly validate a customizations index. Successful exploitation could allow remote attackers to crash the ser ... oval:org.secpod.oval:def:50610 The host is installed with LibreOffice 6.0 before 6.0.7 or 6.1 before 6.1.3 or Apache OpenOffice through 4.1.6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a directory traversal flaw. Successful exploitation could allow a ... oval:org.secpod.oval:def:53308 Two vulnerabilities were discovered in LibreOffice"s code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. oval:org.secpod.oval:def:45295 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle an incorrect integer data type in the StgSmallStrm class. Successful exploitation could allow remote attackers ... |
