Описание
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libreoffice | fixed | 1:4.3.3-1 | package |
Примечания
http://www.openoffice.org/security/cves/CVE-2016-1513.html
http://www.talosintelligence.com/reports/TALOS-2016-0051/
https://cgit.freedesktop.org/libreoffice/core/commit/?id=fd64d444b730f6cb7216dac8f6e3f9
https://cgit.freedesktop.org/libreoffice/core/commit/?id=adbdac2dd6799789a45cd3b6ca48919889a8b64d (origin/libreoffice-4-3-3)
Fixed at least in 4.3.3 based version, maybe alredy earlier.
Связанные уязвимости
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.