Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libreoffice
(Libreoffice)Repositories |
• https://github.com/LibreOffice/core
• https://github.com/dajobe/raptor |
#Vulnerabilities | 59 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-08-05 | CVE-2018-14939 | The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site. | Libreoffice | 9.8 | ||
2017-04-30 | CVE-2017-8358 | LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | Libreoffice | 9.8 | ||
2017-04-15 | CVE-2017-7882 | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | Libreoffice | 9.8 | ||
2017-04-14 | CVE-2017-7870 | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | Libreoffice | 9.8 | ||
2017-04-14 | CVE-2017-7856 | LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | Libreoffice | 9.8 | ||
2016-07-08 | CVE-2016-4324 | Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. | Ubuntu_linux, Debian_linux, Libreoffice | 7.8 | ||
2017-04-14 | CVE-2016-10327 | LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | Libreoffice | 9.8 | ||
2015-11-10 | CVE-2015-5214 | LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. | Openoffice, Ubuntu_linux, Debian_linux, Libreoffice | N/A | ||
2015-11-10 | CVE-2015-5213 | Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. | Openoffice, Ubuntu_linux, Debian_linux, Libreoffice | N/A | ||
2014-11-26 | CVE-2014-9093 | LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | Ubuntu_linux, Debian_linux, Fedora, Libreoffice | N/A |