Download
| Alert*
oval:org.secpod.oval:def:40421
The host is installed with LibreOffice before 5.2.5 and is prone to a heap-buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted wmf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:7976 The host is installed with LibreOffice 3.5.x before 3.5.7.2 or 3.6.x before 3.6.1 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted odt file to vcllo.dll, ODG (Drawing document) file to svxcorelo.dll, PolyPolygon record in a .wmf ( ... oval:org.secpod.oval:def:40420 The host is installed with LibreOffice before 5.2.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted emf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:31650 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a long DOC file, which triggers a buffer overflow. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:31651 The host is installed with LibreOffice before 4.4.6, 5.x before 5.0.1 or Apache OpenOffice before 4.1.2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle an index to a non-existent bookmark in a DOC file. Successful exploitation could allo ... oval:org.secpod.oval:def:31648 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling ... oval:org.secpod.oval:def:7152 LibreOffice is installed oval:org.secpod.oval:def:31649 The host is installed with LibreOffice before 4.4.5 or Apache OpenOffice before 4.1.2 and is prone to an integer underflow vulnerability. A flaw is present in the applications, which fail to handle a crafted PrinterSetup data in an ODF document. Successful exploitation could allow attackers to cause ... oval:org.secpod.oval:def:63275 LibreOffice 6.4.x is installed oval:org.secpod.oval:def:40419 The host is installed with LibreOffice before 5.1.6 or 5.2.x before 5.2.2 and is prone to an arbitrary file disclosure vulnerability. A flaw is present in the application, which fails to handle embedded object. Successful exploitation could allow remote attackers to expose details of the environment ... oval:org.secpod.oval:def:26778 The host is installed with LibreOffice before 4.3.7, 4.4.x before 4.4.2 or Apache OpenOffice before 4.1.2 and is prone to an out-of-bounds write vulnerability. A flaw is present in the application, which fails to handle a crafted HWP document. Successful exploitation could allow attackers to crash ... oval:org.secpod.oval:def:8176 The host is installed with OpenOffice.org 3.3.0 or prior or LibreOffice before 3.4.3 and is prone to denial of service vulnerability. A flaw is present in the applications, which fails to properly a handle crafted DOC file that can trigger an out-of-bounds read. Successful exploitation allows remote ... oval:org.secpod.oval:def:21792 The host is installed with LibreOffice before 4.3.5 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file. Successful exploitation could allow attackers to cause a denial of service (invalid write operation and crash) and poss ... oval:org.secpod.oval:def:33068 The host is installed with LibreOffice before 5.0.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted LotusWordPro (lwp) document. Successful exploitation could allow remote attackers to cause a denial of service (memory corrup ... oval:org.secpod.oval:def:33067 The host is installed with LibreOffice before 5.0.5.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. Successful exploitation could allow remote attackers to cause a de ... oval:org.secpod.oval:def:7157 The host is installed with OpenOffice.org less than or equal to 3.4.0 or LibreOffice before 3.5.5 and is prone to multiple heap based buffer overflow vulnerabilities. The flaws are present in the applications, which fail to handle a crafted Open Document Text (.odt) file with (1) a child tag within ... oval:org.secpod.oval:def:7155 The host is installed with OpenOffice.org before 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted embedded image object. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:7156 The host is installed with OpenOffice.org (OOo) 3.3 or LibreOffice before 3.5.3 and is prone to an integer overflow vulnerability. A flaw is present in the applications, which fails to properly handle the length of an Escher graphics record in a PowerPoint (.ppt) document. Successful exploitation co ... oval:org.secpod.oval:def:35967 The host is installed with LibreOffice before 5.1.4.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file, related to stylesheet and supercript tokens. Successful exploitation could allow remote attackers to execute arbitrar ... oval:org.secpod.oval:def:44394 The host is installed with LibreOffice before 5.4.5 or 6.0 before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:45294 The host is installed with LibreOffice before 5.4.6.1 or 6.x before 6.0.2.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly validate a customizations index. Successful exploitation could allow remote attackers to crash the ser ... oval:org.secpod.oval:def:45295 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle an incorrect integer data type in the StgSmallStrm class. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:84996 The host is installed with LibreOffice 7.3.x before 7.3.6 or 7.4.x before 7.4.1 and is prone to an improper input validation vulnerability. A flaw is present in the application, which fails to properly handle office URI schemes. Successful exploitation allows attackers to call internal macros with a ... oval:org.secpod.oval:def:63274 The host is installed with LibreOffice 6.3.x before 6.3.6 or 6.4.x before 6.4.3 and is prone to a missing encryption vulnerability. A flaw is present in the application, which fails to handle encryption of auto-saved non ODF file format upon subsequent saves after crash. Successful exploitation coul ... oval:org.secpod.oval:def:7154 The host is installed with OpenOffice 3.3 or LibreOffice before 3.4.6 or 3.5.x before 3.5.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to handle a crafted XML external entity (XXE) declaration and reference in an RDF document. Successf ... |