MDVSA-2012:063 -- Mandriva libreofficeID: oval:org.secpod.oval:def:302821 | Date: (C)2012-12-20 (M)2024-02-19 |
Class: PATCH | Family: unix |
An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application . libreoffice for Mandriva Linux 2011 has been upgraded to the 3.4.6 version which is not vulnerable to this issue.
Platform: |
Mandriva Linux 2011.0 |