CVE-2015-5213

2015-11-10 18:59:03 2017-07-01 03:29:18

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Canonical Ubuntu Linux 15.04 Canonical Ubuntu Linux 14.04 LTS (Long-Term Support) Debian Linux 8.0 (Jessie) Canonical Ubuntu Linux 12.04 LTS Debian Linux 7.0

Apache Software Foundation OpenOffice 4.1.1 Libreoffice Libreoffice 4.4.4 (not an official CPE)

Apache - Openoffice Canonical - Ubuntu linux Libreoffice - Libreoffice Debian - Debian linux

Advisory	Patch	Confirmed	Link
			GLSA-201603-05
			http://www.openoffice.org/security/cves/CVE-2015-5213.ht...
			http://www.oracle.com/technetwork/topics/security/linuxb...
			77486
			1034091
			USN-2793-1
			http://www.libreoffice.org/about-us/security/advisories/...
			1034085
			DSA-3394
			RHSA-2015:2619
			GLSA-201611-03

CVE-2015-5213

2015-11-10 18:59:03 2017-07-01 03:29:18

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)