Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-5213

Опубликовано: 04 нояб. 2015
Источник: redhat
CVSS2: 5.8
EPSS Низкий

Описание

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word .doc files. By tricking a user into opening a specially crafted Microsoft Word .doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5openoffice.orgWill not fix
Red Hat Enterprise Linux 6libreofficeFixedRHSA-2015:261914.12.2015
Red Hat Enterprise Linux 7libreofficeFixedRHSA-2015:261914.12.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1278824libreoffice: Integer overflow in DOC files

EPSS

Процентиль: 91%
0.07579
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-5213

ubuntu
почти 10 лет назад

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

nvd логотип

CVE-2015-5213

nvd
почти 10 лет назад

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

debian логотип

CVE-2015-5213

debian
почти 10 лет назад

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice bef ...

github логотип

GHSA-4jm9-44mg-28r7

github
больше 3 лет назад

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

fstec логотип

BDU:2015-12102

CVSS3: 7.8
fstec
почти 10 лет назад

Уязвимость операционных систем Debian GNU/Linux, Ubuntu, пакетов офисных программ LibreOffice и Apache OpenOffice, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

EPSS

Процентиль: 91%
0.07579
Низкий

5.8 Medium

CVSS2