Описание
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
A flaw was found in the way the LibreOffice HWP (Hangul Word Processor) file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that document.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | openoffice.org | Affected | ||
| Red Hat Enterprise Linux 6 | libreoffice | Fixed | RHSA-2015:1458 | 21.07.2015 |
| Red Hat Enterprise Linux 7 | glm | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | inkscape | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libabw | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libcdr | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libetonyek | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libfreehand | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libmspub | Fixed | RHBA-2015:2197 | 23.11.2015 |
| Red Hat Enterprise Linux 7 | libmwaw | Fixed | RHBA-2015:2197 | 23.11.2015 |
Показывать по
Дополнительная информация
Статус:
4.6 Medium
CVSS2
Связанные уязвимости
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and ...
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
ELSA-2015-1458: libreoffice security, bug fix, and enhancement update (MODERATE)
4.6 Medium
CVSS2