Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libreoffice
(Libreoffice)| Repositories |
• https://github.com/LibreOffice/core
• https://github.com/dajobe/raptor |
| #Vulnerabilities | 59 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-07 | CVE-2018-18688 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also... | Master_pdf_editor, Foxit_reader, Phantompdf, Nitro_pro, Nitro_reader, Pdf_editor_6, Pdfelement6, Libreoffice, Power_pdf_standard, Pdf_studio, Pdf_studio_viewer_2018, Perfect_pdf_10, Perfect_pdf_reader | 5.3 | ||
| 2017-09-09 | CVE-2017-14226 | WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. | Libreoffice, Libwpd | 7.5 | ||
| 2019-03-25 | CVE-2018-16858 | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location. | Libreoffice | 9.8 | ||
| 2018-02-09 | CVE-2018-6871 | LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | Ubuntu_linux, Debian_linux, Libreoffice, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 9.8 | ||
| 2018-08-05 | CVE-2018-14939 | The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site. | Libreoffice | 9.8 | ||
| 2017-04-30 | CVE-2017-8358 | LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | Libreoffice | 9.8 | ||
| 2017-04-15 | CVE-2017-7882 | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | Libreoffice | 9.8 | ||
| 2017-04-14 | CVE-2017-7870 | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | Libreoffice | 9.8 | ||
| 2017-04-14 | CVE-2017-7856 | LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | Libreoffice | 9.8 | ||
| 2016-07-08 | CVE-2016-4324 | Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. | Ubuntu_linux, Debian_linux, Libreoffice | 7.8 |