Search CVE reports
51 – 60 of 93 results
CVE-2017-7882
Medium priorityLibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Not affected |
| openoffice.org | — | — | — | — | Not in release |
CVE-2017-7856
Medium priorityLibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Not affected |
| openoffice.org | — | — | — | — | Not in release |
CVE-2017-7870
Medium prioritySome fixes available 3 of 4
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Fixed |
| openoffice.org | — | — | — | — | Not in release |
CVE-2016-10327
Medium priorityLibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Fixed |
| openoffice.org | — | — | — | — | Not in release |
CVE-2017-3157
Medium priorityBy exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g.,...
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Fixed |
| openoffice.org | — | — | — | — | Not in release |
CVE-2016-1513
Medium priorityThe Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Not affected |
| openoffice.org | — | — | — | — | Not in release |
CVE-2016-4324
Medium priorityUse-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | Fixed |
| openoffice.org | — | — | — | — | Not in release |
CVE-2016-0795
Medium priorityLibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | — |
| openoffice.org | — | — | — | — | — |
CVE-2016-0794
Medium priorityThe lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
2 affected packages
libreoffice, openoffice.org
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | — |
| openoffice.org | — | — | — | — | — |
CVE-2015-5214
Medium priorityLibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a...
1 affected package
libreoffice
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libreoffice | — | — | — | — | — |