[SECURITY] Fedora 23 Update: libreoffice-5.0.6.2-9.fc23

2016-07-05T08:26:54

Description

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticat ed and flexible, LibreOffice also works transparently with a variety of file formats, including Microsoft Office File Formats.

Affected Package

OS	OS Version	Package Name	Package Version
Fedora	23	libreoffice	5.0.6.2

{"id": "FEDORA:1D2966076284", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 23 Update: libreoffice-5.0.6.2-9.fc23", "description": "LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticat ed and flexible, LibreOffice also works transparently with a variety of file formats, including Microsoft Office File Formats. ", "published": "2016-07-05T08:26:54", "modified": "2016-07-05T08:26:54", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FV6XBUV3UYAWZUN6NODPYC5QIBWMKD2C/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2016-4324"], "immutableFields": [], "lastseen": "2020-12-21T08:17:53", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201607-3"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2016-0590"]}, {"type": "cve", "idList": ["CVE-2016-4324"]}, {"type": "debian", "idList": ["DEBIAN:DLA-581-1:3B241", "DEBIAN:DLA-581-1:ABF84", "DEBIAN:DSA-3608-1:00C2E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-4324"]}, {"type": "freebsd", "idList": ["3159CD70-4AAA-11E6-A7BD-14DAE9D210B8"]}, {"type": "gentoo", "idList": ["GLSA-201611-03"]}, {"type": "kaspersky", "idList": ["KLA10837"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-581.NASL", "DEBIAN_DSA-3608.NASL", "FEDORA_2016-F0552E1341.NASL", "FREEBSD_PKG_3159CD704AAA11E6A7BD14DAE9D210B8.NASL", "GENTOO_GLSA-201611-03.NASL", "LIBREOFFICE_514.NASL", "MACOSX_LIBREOFFICE_514.NASL", "OPENSUSE-2016-1192.NASL", "SUSE_SU-2016-2472-1.NASL", "UBUNTU_USN-3022-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703608", "OPENVAS:1361412562310808548", "OPENVAS:1361412562310808574", "OPENVAS:1361412562310808575", "OPENVAS:1361412562310842819", "OPENVAS:703608"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2579", "ELSA-2017-0914"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-4324"]}, {"type": "seebug", "idList": ["SSV:96735"]}, {"type": "talos", "idList": ["TALOS-2016-0126"]}, {"type": "ubuntu", "idList": ["USN-3022-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-4324"]}]}, "score": {"value": 5.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-201607-3"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2016-0590"]}, {"type": "cve", "idList": ["CVE-2016-4324"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3608-1:00C2E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-4324"]}, {"type": "freebsd", "idList": ["3159CD70-4AAA-11E6-A7BD-14DAE9D210B8"]}, {"type": "gentoo", "idList": ["GLSA-201611-03"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-581.NASL", "DEBIAN_DSA-3608.NASL", "FEDORA_2016-F0552E1341.NASL", "FREEBSD_PKG_3159CD704AAA11E6A7BD14DAE9D210B8.NASL", "LIBREOFFICE_514.NASL", "UBUNTU_USN-3022-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310808548"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0914"]}, {"type": "seebug", "idList": ["SSV:96735"]}, {"type": "talos", "idList": ["TALOS-2016-0126"]}]}, "exploitation": null, "vulnersScore": 5.9}, "_state": {"dependencies": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "23", "arch": "any", "packageName": "libreoffice", "packageVersion": "5.0.6.2", "packageFilename": "UNKNOWN", "operator": "lt"}]}

{"nessus": [{"lastseen": "2021-10-16T13:49:57", "description": "LibreOffice was updated to version 5.1.5.2, bringing enhancements and bug fixes.\n\n - CVE-2016-4324: Parsing the Rich Text Format character style index was insufficiently checked for validity.\n Documents could be constructed which dereference an iterator to the first entry of an empty STL container.\n (bsc#987553)\n\n - Don't use 'nullable' for introspection, as it isn't available on SLE 12's version of gobject-introspection.\n This prevents a segmentation fault in gnome-documents.\n (bsc#1000102)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-10-07T00:00:00", "type": "nessus", "title": "SUSE SLED12 Security Update : libreoffice (SUSE-SU-2016:2472-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libreoffice", "p-cpe:/a:novell:suse_linux:libreoffice-base", "p-cpe:/a:novell:suse_linux:libreoffice-base-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-mysql", "p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-postgresql", "p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-postgresql-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-calc", "p-cpe:/a:novell:suse_linux:libreoffice-calc-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-calc-extensions", "p-cpe:/a:novell:suse_linux:libreoffice-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-debugsource", "p-cpe:/a:novell:suse_linux:libreoffice-draw", "p-cpe:/a:novell:suse_linux:libreoffice-draw-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-filters-optional", "p-cpe:/a:novell:suse_linux:libreoffice-gnome", "p-cpe:/a:novell:suse_linux:libreoffice-gnome-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-impress", "p-cpe:/a:novell:suse_linux:libreoffice-impress-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-mailmerge", "p-cpe:/a:novell:suse_linux:libreoffice-math", "p-cpe:/a:novell:suse_linux:libreoffice-math-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-officebean", "p-cpe:/a:novell:suse_linux:libreoffice-officebean-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-pyuno", "p-cpe:/a:novell:suse_linux:libreoffice-pyuno-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-writer", "p-cpe:/a:novell:suse_linux:libreoffice-writer-debuginfo", "p-cpe:/a:novell:suse_linux:libreoffice-writer-extensions", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2472-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93910", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2472-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93910);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-4324\");\n\n script_name(english:\"SUSE SLED12 Security Update : libreoffice (SUSE-SU-2016:2472-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"LibreOffice was updated to version 5.1.5.2, bringing enhancements and\nbug fixes.\n\n - CVE-2016-4324: Parsing the Rich Text Format character\n style index was insufficiently checked for validity.\n Documents could be constructed which dereference an\n iterator to the first entry of an empty STL container.\n (bsc#987553)\n\n - Don't use 'nullable' for introspection, as it isn't\n available on SLE 12's version of gobject-introspection.\n This prevents a segmentation fault in gnome-documents.\n (bsc#1000102)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=987553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4324/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162472-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e00db226\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2016-1442=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1442=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-base-drivers-postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-calc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-calc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-calc-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-draw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-draw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-filters-optional\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-impress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-impress-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-mailmerge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-math\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-math-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-officebean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-officebean-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-pyuno\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-pyuno-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-writer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-writer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libreoffice-writer-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-drivers-mysql-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-drivers-mysql-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-drivers-postgresql-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-base-drivers-postgresql-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-calc-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-calc-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-calc-extensions-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-debugsource-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-draw-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-draw-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-filters-optional-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-gnome-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-gnome-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-impress-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-impress-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-mailmerge-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-math-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-math-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-officebean-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-officebean-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-pyuno-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-pyuno-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-writer-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-writer-debuginfo-5.1.5.2-29.4\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libreoffice-writer-extensions-5.1.5.2-29.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreoffice\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:41:15", "description": "Security fix for CVE-2016-4324\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-15T00:00:00", "type": "nessus", "title": "Fedora 23 : 1:libreoffice (2016-f0552e1341)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:libreoffice", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-F0552E1341.NASL", "href": "https://www.tenable.com/plugins/nessus/92302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-f0552e1341.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92302);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4324\");\n script_xref(name:\"FEDORA\", value:\"2016-f0552e1341\");\n\n script_name(english:\"Fedora 23 : 1:libreoffice (2016-f0552e1341)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-4324\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-f0552e1341\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:libreoffice package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"libreoffice-5.0.6.2-9.fc23\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:libreoffice\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:41:13", "description": "The version of LibreOffice installed on the remote macOS or Mac OS X host is prior to 5.1.4. It is, therefore, affected by a use-after-free error due to improper handling of the character style index when parsing RTF files. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted RTF file, to execute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-08T00:00:00", "type": "nessus", "title": "LibreOffice < 5.1.4 RTF Character Style Index RCE (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-11-14T00:00:00", "cpe": ["cpe:/a:libreoffice:libreoffice"], "id": "MACOSX_LIBREOFFICE_514.NASL", "href": "https://www.tenable.com/plugins/nessus/91975", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91975);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\"CVE-2016-4324\");\n script_bugtraq_id(91499);\n\n script_name(english:\"LibreOffice < 5.1.4 RTF Character Style Index RCE (macOS)\");\n script_summary(english:\"Checks the version of LibreOffice.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a remote\ncode execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of LibreOffice installed on the remote macOS or Mac OS X\nhost is prior to 5.1.4. It is, therefore, affected by a use-after-free\nerror due to improper handling of the character style index when\nparsing RTF files. An unauthenticated, remote attacker can exploit\nthis, by convincing a user to open a specially crafted RTF file, to\nexecute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?13884491\");\n # http://blog.talosintel.com/2016/06/vulnerability-spotlight-libreoffice-rtf.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9f01c39\");\n # http://www.talosintelligence.com/reports/TALOS-2016-0126/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc117572\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to LibreOffice version 5.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:libreoffice:libreoffice\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_libreoffice_installed.nasl\");\n script_require_keys(\"installed_sw/LibreOffice\", \"Host/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"LibreOffice\";\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\nif (\n # < 5.x\n version =~ \"^[0-4]($|[^0-9])\" ||\n # 5.0 < 5.1\n version =~ \"^5\\.0($|[^0-9])\" ||\n # 5.1 < 5.1.4\n version =~ \"^5\\.1($|\\.[0-3])($|[^0-9])\"\n)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.1.4' +\n '\\n';\n security_report_v4(port:0, severity:SECURITY_WARNING, extra:report);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:03", "description": "LibreOffice was updated to version 5.1.5.2, bringing enhancements and bug fixes.\n\n - CVE-2016-4324: Parsing the Rich Text Format character style index was insufficiently checked for validity.\n Documents could be constructed which dereference an iterator to the first entry of an empty STL container.\n (bsc#987553)\n\n - Don't use 'nullable' for introspection, as it isn't available on SLE 12's version of gobject-introspection.\n This prevents a segmentation fault in gnome-documents.\n (bsc#1000102)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libreoffice (openSUSE-2016-1192)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libreoffice", "p-cpe:/a:novell:opensuse:libreoffice-base", "p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql", "p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql", "p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-branding-upstream", "p-cpe:/a:novell:opensuse:libreoffice-calc", "p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-calc-extensions", "p-cpe:/a:novell:opensuse:libreoffice-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-debugsource", "p-cpe:/a:novell:opensuse:libreoffice-draw", "p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-filters-optional", "p-cpe:/a:novell:opensuse:libreoffice-gdb-pretty-printers", "p-cpe:/a:novell:opensuse:libreoffice-glade", "p-cpe:/a:novell:opensuse:libreoffice-gnome", "p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-gtk3", "p-cpe:/a:novell:opensuse:libreoffice-gtk3-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-breeze", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-sifr", "p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango", "p-cpe:/a:novell:opensuse:libreoffice-impress", "p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-kde4", "p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-l10n-af", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ar", "p-cpe:/a:novell:opensuse:libreoffice-l10n-as", "p-cpe:/a:novell:opensuse:libreoffice-l10n-bg", "p-cpe:/a:novell:opensuse:libreoffice-l10n-bn", "p-cpe:/a:novell:opensuse:libreoffice-l10n-br", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ca", "p-cpe:/a:novell:opensuse:libreoffice-l10n-cs", "p-cpe:/a:novell:opensuse:libreoffice-l10n-cy", "p-cpe:/a:novell:opensuse:libreoffice-l10n-da", "p-cpe:/a:novell:opensuse:libreoffice-l10n-de", "p-cpe:/a:novell:opensuse:libreoffice-l10n-dz", "p-cpe:/a:novell:opensuse:libreoffice-l10n-el", "p-cpe:/a:novell:opensuse:libreoffice-l10n-en", "p-cpe:/a:novell:opensuse:libreoffice-l10n-es", "p-cpe:/a:novell:opensuse:libreoffice-l10n-et", "p-cpe:/a:novell:opensuse:libreoffice-l10n-eu", "p-cpe:/a:novell:opensuse:libreoffice-l10n-fa", "p-cpe:/a:novell:opensuse:libreoffice-l10n-fi", "p-cpe:/a:novell:opensuse:libreoffice-l10n-fr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ga", "p-cpe:/a:novell:opensuse:libreoffice-l10n-gl", "p-cpe:/a:novell:opensuse:libreoffice-l10n-gu", "p-cpe:/a:novell:opensuse:libreoffice-l10n-he", "p-cpe:/a:novell:opensuse:libreoffice-l10n-hi", "p-cpe:/a:novell:opensuse:libreoffice-l10n-hr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-hu", "p-cpe:/a:novell:opensuse:libreoffice-l10n-it", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ja", "p-cpe:/a:novell:opensuse:libreoffice-l10n-kk", "p-cpe:/a:novell:opensuse:libreoffice-l10n-kn", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ko", "p-cpe:/a:novell:opensuse:libreoffice-l10n-lt", "p-cpe:/a:novell:opensuse:libreoffice-l10n-lv", "p-cpe:/a:novell:opensuse:libreoffice-l10n-mai", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ml", "p-cpe:/a:novell:opensuse:libreoffice-l10n-mr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-nb", "p-cpe:/a:novell:opensuse:libreoffice-l10n-nl", "p-cpe:/a:novell:opensuse:libreoffice-l10n-nn", "p-cpe:/a:novell:opensuse:libreoffice-l10n-nr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-nso", "p-cpe:/a:novell:opensuse:libreoffice-l10n-or", "p-cpe:/a:novell:opensuse:libreoffice-l10n-pa", "p-cpe:/a:novell:opensuse:libreoffice-l10n-pl", "p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-BR", "p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-PT", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ro", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ru", "p-cpe:/a:novell:opensuse:libreoffice-l10n-si", "p-cpe:/a:novell:opensuse:libreoffice-l10n-sk", "p-cpe:/a:novell:opensuse:libreoffice-l10n-sl", "p-cpe:/a:novell:opensuse:libreoffice-l10n-sr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ss", "p-cpe:/a:novell:opensuse:libreoffice-l10n-st", "p-cpe:/a:novell:opensuse:libreoffice-l10n-sv", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ta", "p-cpe:/a:novell:opensuse:libreoffice-l10n-te", "p-cpe:/a:novell:opensuse:libreoffice-l10n-th", "p-cpe:/a:novell:opensuse:libreoffice-l10n-tn", "p-cpe:/a:novell:opensuse:libreoffice-l10n-tr", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ts", "p-cpe:/a:novell:opensuse:libreoffice-l10n-uk", "p-cpe:/a:novell:opensuse:libreoffice-l10n-ve", "p-cpe:/a:novell:opensuse:libreoffice-l10n-xh", "p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hans", "p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hant", "p-cpe:/a:novell:opensuse:libreoffice-l10n-zu", "p-cpe:/a:novell:opensuse:libreoffice-mailmerge", "p-cpe:/a:novell:opensuse:libreoffice-math", "p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-officebean", "p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-pyuno", "p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-sdk", "p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-writer", "p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo", "p-cpe:/a:novell:opensuse:libreoffice-writer-extensions", "p-cpe:/a:novell:opensuse:libreofficekit", "p-cpe:/a:novell:opensuse:libreofficekit-devel", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1192.NASL", "href": "https://www.tenable.com/plugins/nessus/94088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1192.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94088);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-4324\");\n\n script_name(english:\"openSUSE Security Update : libreoffice (openSUSE-2016-1192)\");\n script_summary(english:\"Check for the openSUSE-2016-1192 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"LibreOffice was updated to version 5.1.5.2, bringing enhancements and\nbug fixes.\n\n - CVE-2016-4324: Parsing the Rich Text Format character\n style index was insufficiently checked for validity.\n Documents could be constructed which dereference an\n iterator to the first entry of an empty STL container.\n (bsc#987553)\n\n - Don't use 'nullable' for introspection, as it isn't\n available on SLE 12's version of gobject-introspection.\n This prevents a segmentation fault in gnome-documents.\n (bsc#1000102)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=987553\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreoffice packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-calc-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-filters-optional\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gdb-pretty-printers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-glade\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-breeze\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-sifr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-dz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-en\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-st\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-ve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-l10n-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-mailmerge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-math\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-officebean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-pyuno\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreoffice-writer-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreofficekit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libreofficekit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-drivers-mysql-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-drivers-mysql-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-drivers-postgresql-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-base-drivers-postgresql-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-branding-upstream-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-calc-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-calc-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-calc-extensions-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-debugsource-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-draw-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-draw-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-filters-optional-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-gdb-pretty-printers-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-glade-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-gnome-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-gnome-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-gtk3-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-gtk3-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-breeze-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-galaxy-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-hicontrast-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-oxygen-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-sifr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-icon-theme-tango-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-impress-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-impress-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-kde4-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-kde4-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-af-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ar-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-as-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-bg-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-bn-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-br-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ca-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-cs-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-cy-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-da-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-de-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-dz-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-el-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-en-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-es-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-et-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-eu-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-fa-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-fi-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-fr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ga-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-gl-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-gu-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-he-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-hi-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-hr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-hu-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-it-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ja-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-kk-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-kn-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ko-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-lt-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-lv-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-mai-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ml-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-mr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-nb-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-nl-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-nn-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-nr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-nso-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-or-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-pa-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-pl-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-pt-BR-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-pt-PT-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ro-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ru-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-si-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-sk-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-sl-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-sr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ss-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-st-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-sv-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ta-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-te-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-th-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-tn-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-tr-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ts-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-uk-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-ve-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-xh-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-zh-Hans-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-zh-Hant-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-l10n-zu-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-mailmerge-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-math-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-math-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-officebean-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-officebean-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-pyuno-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-pyuno-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-sdk-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-sdk-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-writer-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-writer-debuginfo-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreoffice-writer-extensions-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreofficekit-5.1.5.2-11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libreofficekit-devel-5.1.5.2-11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreoffice / libreoffice-base / libreoffice-base-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:41:26", "description": "The version of LibreOffice installed on the remote Windows host is prior to 5.1.4. It is, therefore, affected by a use-after-free error during Rich Text Format (RTF) file parsing due to improper validation of the RTF character style index. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted RTF file, to execute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-08T00:00:00", "type": "nessus", "title": "LibreOffice < 5.1.4 RTF Character Style Index RCE", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-11-19T00:00:00", "cpe": ["cpe:/a:libreoffice:libreoffice"], "id": "LIBREOFFICE_514.NASL", "href": "https://www.tenable.com/plugins/nessus/91974", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91974);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/19\");\n\n script_cve_id(\"CVE-2016-4324\");\n script_bugtraq_id(91499);\n\n script_name(english:\"LibreOffice < 5.1.4 RTF Character Style Index RCE\");\n script_summary(english:\"Checks the version of LibreOffice.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a remote\ncode execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of LibreOffice installed on the remote Windows host is\nprior to 5.1.4. It is, therefore, affected by a use-after-free error\nduring Rich Text Format (RTF) file parsing due to improper validation\nof the RTF character style index. An unauthenticated, remote attacker\ncan exploit this, by convincing a user to open a specially crafted RTF\nfile, to execute arbitrary code.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?13884491\");\n # http://blog.talosintel.com/2016/06/vulnerability-spotlight-libreoffice-rtf.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9f01c39\");\n # http://www.talosintelligence.com/reports/TALOS-2016-0126/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc117572\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to LibreOffice version 5.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-4324\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:libreoffice:libreoffice\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"libreoffice_installed.nasl\");\n script_require_keys(\"installed_sw/LibreOffice\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"LibreOffice\";\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nversion_ui = install['display_version'];\npath = install['path'];\n\nif (\n # < 5.x\n version =~ \"^[0-4]($|[^0-9])\" ||\n # 5.0 < 5.1\n version =~ \"^5\\.0($|[^0-9])\" ||\n # 5.1 < 5.1.4\n version =~ \"^5\\.1($|\\.[0-3])($|[^0-9])\"\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version_ui +\n '\\n Fixed version : 5.1.4' +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_ui, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:41:29", "description": "Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-06-30T00:00:00", "type": "nessus", "title": "Debian DSA-3608-1 : libreoffice - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libreoffice", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3608.NASL", "href": "https://www.tenable.com/plugins/nessus/91891", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3608. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91891);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4324\");\n script_xref(name:\"DSA\", value:\"3608\");\n\n script_name(english:\"Debian DSA-3608-1 : libreoffice - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aleksandar Nikolic discovered that missing input sanitising in the RTF\nparser in Libreoffice may result in the execution of arbitrary code if\na malformed documented is opened.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libreoffice\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3608\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libreoffice packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1:4.3.3-2+deb8u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"browser-plugin-libreoffice\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fonts-opensymbol\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-avmedia-backend-gstreamer\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-avmedia-backend-vlc\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-base\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-base-core\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-base-drivers\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-calc\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-common\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-core\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-dbg\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-dev\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-dev-doc\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-draw\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-emailmerge\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-evolution\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-gnome\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-gtk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-gtk3\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-ca\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-cs\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-da\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-de\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-dz\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-el\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-en-gb\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-en-us\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-es\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-et\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-eu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-fi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-fr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-gl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-hi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-hu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-it\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-ja\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-km\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-ko\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-nl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-om\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-pl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-pt\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-pt-br\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-ru\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-sk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-sl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-sv\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-tr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-vi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-zh-cn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-help-zh-tw\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-impress\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-java-common\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-kde\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-af\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ar\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-as\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ast\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-be\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-bg\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-bn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-br\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-bs\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ca\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-cs\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-cy\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-da\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-de\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-dz\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-el\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-en-gb\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-en-za\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-eo\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-es\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-et\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-eu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-fa\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-fi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-fr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ga\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-gd\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-gl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-gu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-he\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-hi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-hr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-hu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-id\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-in\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-is\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-it\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ja\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ka\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-kk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-km\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-kmr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ko\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ku\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-lt\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-lv\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-mk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ml\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-mn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-mr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-nb\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ne\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-nl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-nn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-nr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-nso\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-oc\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-om\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-or\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-pa-in\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-pl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-pt\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-pt-br\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ro\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ru\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-rw\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-si\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-sk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-sl\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-sr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ss\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-st\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-sv\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ta\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-te\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-tg\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-th\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-tn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-tr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ts\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ug\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-uk\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-uz\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-ve\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-vi\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-xh\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-za\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-zh-cn\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-zh-tw\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-l10n-zu\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-librelogo\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-math\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-mysql-connector\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-officebean\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-ogltrans\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-pdfimport\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-presentation-minimizer\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-presenter-console\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-report-builder\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-report-builder-bin\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-script-provider-bsh\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-script-provider-js\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-script-provider-python\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-sdbc-firebird\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-sdbc-hsqldb\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-sdbc-postgresql\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-crystal\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-galaxy\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-hicontrast\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-oxygen\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-sifr\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-style-tango\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-subsequentcheckbase\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-wiki-publisher\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libreoffice-writer\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"openoffice.org-dtd-officedocument1.0\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-uno\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-uno\", reference:\"1:4.3.3-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:53", "description": "Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed documented is opened.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1:3.5.4+dfsg2-0+deb7u7.\n\nWe recommend that you upgrade your libreoffice packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-08-04T00:00:00", "type": "nessus", "title": "Debian DLA-581-1 : libreoffice security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:fonts-opensymbol", "p-cpe:/a:debian:debian_linux:libreoffice", "p-cpe:/a:debian:debian_linux:libreoffice-base", "p-cpe:/a:debian:debian_linux:libreoffice-base-core", "p-cpe:/a:debian:debian_linux:libreoffice-calc", "p-cpe:/a:debian:debian_linux:libreoffice-common", "p-cpe:/a:debian:debian_linux:libreoffice-core", "p-cpe:/a:debian:debian_linux:libreoffice-dbg", "p-cpe:/a:debian:debian_linux:libreoffice-dev", "p-cpe:/a:debian:debian_linux:libreoffice-dev-doc", "p-cpe:/a:debian:debian_linux:libreoffice-draw", "p-cpe:/a:debian:debian_linux:libreoffice-emailmerge", "p-cpe:/a:debian:debian_linux:libreoffice-evolution", "p-cpe:/a:debian:debian_linux:libreoffice-filter-binfilter", "p-cpe:/a:debian:debian_linux:libreoffice-filter-mobiledev", "p-cpe:/a:debian:debian_linux:libreoffice-gcj", "p-cpe:/a:debian:debian_linux:libreoffice-gnome", "p-cpe:/a:debian:debian_linux:libreoffice-gtk", "p-cpe:/a:debian:debian_linux:libreoffice-gtk3", "p-cpe:/a:debian:debian_linux:libreoffice-help-ca", "p-cpe:/a:debian:debian_linux:libreoffice-help-cs", "p-cpe:/a:debian:debian_linux:libreoffice-help-da", "p-cpe:/a:debian:debian_linux:libreoffice-help-de", "p-cpe:/a:debian:debian_linux:libreoffice-help-dz", "p-cpe:/a:debian:debian_linux:libreoffice-help-el", "p-cpe:/a:debian:debian_linux:libreoffice-help-en-gb", "p-cpe:/a:debian:debian_linux:libreoffice-help-en-us", "p-cpe:/a:debian:debian_linux:libreoffice-help-es", "p-cpe:/a:debian:debian_linux:libreoffice-help-et", "p-cpe:/a:debian:debian_linux:libreoffice-help-eu", "p-cpe:/a:debian:debian_linux:libreoffice-help-fi", "p-cpe:/a:debian:debian_linux:libreoffice-help-fr", "p-cpe:/a:debian:debian_linux:libreoffice-help-gl", "p-cpe:/a:debian:debian_linux:libreoffice-help-hi", "p-cpe:/a:debian:debian_linux:libreoffice-help-hu", "p-cpe:/a:debian:debian_linux:libreoffice-help-it", "p-cpe:/a:debian:debian_linux:libreoffice-help-ja", "p-cpe:/a:debian:debian_linux:libreoffice-help-km", "p-cpe:/a:debian:debian_linux:libreoffice-help-ko", "p-cpe:/a:debian:debian_linux:libreoffice-help-nl", "p-cpe:/a:debian:debian_linux:libreoffice-help-om", "p-cpe:/a:debian:debian_linux:libreoffice-help-pl", "p-cpe:/a:debian:debian_linux:libreoffice-help-pt", "p-cpe:/a:debian:debian_linux:libreoffice-help-pt-br", "p-cpe:/a:debian:debian_linux:libreoffice-help-ru", "p-cpe:/a:debian:debian_linux:libreoffice-help-sk", "p-cpe:/a:debian:debian_linux:libreoffice-help-sl", "p-cpe:/a:debian:debian_linux:libreoffice-help-sv", "p-cpe:/a:debian:debian_linux:libreoffice-help-zh-cn", "p-cpe:/a:debian:debian_linux:libreoffice-help-zh-tw", "p-cpe:/a:debian:debian_linux:libreoffice-impress", "p-cpe:/a:debian:debian_linux:libreoffice-java-common", "p-cpe:/a:debian:debian_linux:libreoffice-kde", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-af", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ar", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-as", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ast", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-be", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-bg", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-bn", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-br", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-bs", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ca", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-cs", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-cy", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-da", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-de", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-dz", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-el", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-gb", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-za", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-eo", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-es", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-et", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-eu", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-fa", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-fi", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-fr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ga", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-gl", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-gu", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-he", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-hi", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-hr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-hu", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-id", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-in", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-is", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-it", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ja", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ka", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-km", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ko", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ku", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-lt", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-lv", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-mk", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ml", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-mn", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-mr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-nb", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ne", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-nl", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-nn", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-nr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-nso", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-oc", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-om", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-or", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-pa-in", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-pl", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt-br", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ro", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ru", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-rw", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-si", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-sk", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-sl", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-sr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ss", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-st", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-sv", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ta", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-te", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-tg", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-th", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-tn", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-tr", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ts", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ug", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-uk", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-uz", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-ve", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-vi", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-xh", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-za", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:libreoffice-l10n-zu", "p-cpe:/a:debian:debian_linux:libreoffice-math", "p-cpe:/a:debian:debian_linux:libreoffice-mysql-connector", "p-cpe:/a:debian:debian_linux:libreoffice-officebean", "p-cpe:/a:debian:debian_linux:libreoffice-ogltrans", "p-cpe:/a:debian:debian_linux:libreoffice-pdfimport", "p-cpe:/a:debian:debian_linux:libreoffice-presentation-minimizer", "p-cpe:/a:debian:debian_linux:libreoffice-presenter-console", "p-cpe:/a:debian:debian_linux:libreoffice-report-builder", "p-cpe:/a:debian:debian_linux:libreoffice-report-builder-bin", "p-cpe:/a:debian:debian_linux:libreoffice-script-provider-bsh", "p-cpe:/a:debian:debian_linux:libreoffice-script-provider-js", "p-cpe:/a:debian:debian_linux:libreoffice-script-provider-python", "p-cpe:/a:debian:debian_linux:libreoffice-sdbc-postgresql", "p-cpe:/a:debian:debian_linux:libreoffice-style-crystal", "p-cpe:/a:debian:debian_linux:libreoffice-style-galaxy", "p-cpe:/a:debian:debian_linux:libreoffice-style-hicontrast", "p-cpe:/a:debian:debian_linux:libreoffice-style-oxygen", "p-cpe:/a:debian:debian_linux:libreoffice-style-tango", "p-cpe:/a:debian:debian_linux:libreoffice-wiki-publisher", "p-cpe:/a:debian:debian_linux:libreoffice-writer", "p-cpe:/a:debian:debian_linux:openoffice.org-dtd-officedocument1.0", "p-cpe:/a:debian:debian_linux:python-uno", "p-cpe:/a:debian:debian_linux:python3-uno", "p-cpe:/a:debian:debian_linux:ttf-opensymbol", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-581.NASL", "href": "https://www.tenable.com/plugins/nessus/92704", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-581-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92704);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4324\");\n\n script_name(english:\"Debian DLA-581-1 : libreoffice security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aleksandar Nikolic discovered that missing input sanitising in the RTF\nparser in Libreoffice may result in the execution of arbitrary code if\na malformed documented is opened.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1:3.5.4+dfsg2-0+deb7u7.\n\nWe recommend that you upgrade your libreoffice packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/08/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libreoffice\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fonts-opensymbol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-base-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-calc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-dev-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-draw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-emailmerge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-filter-binfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-filter-mobiledev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-dz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-en-us\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-om\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-help-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-impress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-java-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-kde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-dz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-en-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-gu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-km\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-mn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ne\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-nn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-nr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-om\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-rw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-st\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-tg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-ve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-za\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-l10n-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-math\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-mysql-connector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-officebean\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-ogltrans\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-pdfimport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-presentation-minimizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-presenter-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-report-builder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-report-builder-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-script-provider-bsh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-script-provider-js\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-script-provider-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-sdbc-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-style-crystal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-style-galaxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-style-hicontrast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-style-oxygen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-style-tango\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-wiki-publisher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libreoffice-writer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openoffice.org-dtd-officedocument1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-uno\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-uno\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ttf-opensymbol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"fonts-opensymbol\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-base\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-base-core\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-calc\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-common\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-core\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-dbg\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-dev\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-dev-doc\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-draw\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-emailmerge\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-evolution\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-filter-binfilter\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-filter-mobiledev\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-gcj\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-gnome\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-gtk\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-gtk3\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-ca\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-cs\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-da\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-de\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-dz\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-el\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-en-gb\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-en-us\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-es\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-et\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-eu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-fi\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-fr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-gl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-hi\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-hu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-it\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-ja\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-km\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-ko\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-nl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-om\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-pl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-pt\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-pt-br\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-ru\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-sk\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-sl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-sv\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-zh-cn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-help-zh-tw\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-impress\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-java-common\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-kde\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-af\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ar\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-as\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ast\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-be\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-bg\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-bn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-br\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-bs\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ca\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-cs\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-cy\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-da\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-de\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-dz\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-el\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-en-gb\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-en-za\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-eo\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-es\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-et\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-eu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-fa\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-fi\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-fr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ga\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-gl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-gu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-he\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-hi\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-hr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-hu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-id\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-in\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-is\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-it\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ja\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ka\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-km\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ko\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ku\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-lt\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-lv\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-mk\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ml\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-mn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-mr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-nb\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ne\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-nl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-nn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-nr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-nso\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-oc\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-om\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-or\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-pa-in\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-pl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-pt\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-pt-br\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ro\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ru\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-rw\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-si\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-sk\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-sl\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-sr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ss\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-st\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-sv\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ta\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-te\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-tg\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-th\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-tn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-tr\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ts\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ug\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-uk\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-uz\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-ve\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-vi\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-xh\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-za\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-zh-cn\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-zh-tw\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-l10n-zu\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-math\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-mysql-connector\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-officebean\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-ogltrans\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-pdfimport\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-presentation-minimizer\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-presenter-console\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-report-builder\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-report-builder-bin\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-script-provider-bsh\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-script-provider-js\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-script-provider-python\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-sdbc-postgresql\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-style-crystal\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-style-galaxy\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-style-hicontrast\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-style-oxygen\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-style-tango\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-wiki-publisher\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libreoffice-writer\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"openoffice.org-dtd-officedocument1.0\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-uno\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python3-uno\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ttf-opensymbol\", reference:\"1:3.5.4+dfsg2-0+deb7u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:52", "description": "Talos reports :\n\nAn exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable application.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-07-18T00:00:00", "type": "nessus", "title": "FreeBSD : libreoffice -- use-after-free vulnerability (3159cd70-4aaa-11e6-a7bd-14dae9d210b8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libreoffice", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3159CD704AAA11E6A7BD14DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/nessus/92340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92340);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-4324\");\n\n script_name(english:\"FreeBSD : libreoffice -- use-after-free vulnerability (3159cd70-4aaa-11e6-a7bd-14dae9d210b8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Talos reports :\n\nAn exploitable Use After Free vulnerability exists in the RTF parser\nLibreOffice. A specially crafted file can cause a use after free\nresulting in a possible arbitrary code execution. To exploit the\nvulnerability a malicious file needs to be opened by the user via\nvulnerable application.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.talosintelligence.com/reports/TALOS-2016-0126/\"\n );\n # http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?13884491\"\n );\n # https://vuxml.freebsd.org/freebsd/3159cd70-4aaa-11e6-a7bd-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f17412b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libreoffice<5.1.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:41:22", "description": "It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-06-30T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 15.10 / 16.04 LTS : libreoffice vulnerability (USN-3022-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libreoffice-core", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3022-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91893", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3022-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91893);\n script_version(\"2.15\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-4324\");\n script_xref(name:\"USN\", value:\"3022-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 15.10 / 16.04 LTS : libreoffice vulnerability (USN-3022-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that LibreOffice incorrectly handled RTF document\nfiles. If a user were tricked into opening a specially crafted RTF\ndocument, a remote attacker could cause LibreOffice to crash, and\npossibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3022-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreoffice-core package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libreoffice-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|15\\.10|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 15.10 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libreoffice-core\", pkgver:\"1:3.5.7-0ubuntu11\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"libreoffice-core\", pkgver:\"1:5.0.6-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libreoffice-core\", pkgver:\"1:5.1.4-0ubuntu1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreoffice-core\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:44", "description": "The remote host is affected by the vulnerability described in GLSA-201611-03 (LibreOffice, OpenOffice: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in both LibreOffice and OpenOffice. Please review the referenced CVE’s for specific information regarding each.\n Impact :\n\n Remote attackers could obtain sensitive information, cause a Denial of Service condition, or execute arbitrary code.\n Workaround :\n\n There is no known work around at this time.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2016-11-07T00:00:00", "type": "nessus", "title": "GLSA-201611-03 : LibreOffice, OpenOffice: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4551", "CVE-2015-5212", "CVE-2015-5213", "CVE-2015-5214", "CVE-2016-4324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:libreoffice", "p-cpe:/a:gentoo:linux:libreoffice-bin", "p-cpe:/a:gentoo:linux:openoffice-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201611-03.NASL", "href": "https://www.tenable.com/plugins/nessus/94594", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201611-03.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94594);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-4551\", \"CVE-2015-5212\", \"CVE-2015-5213\", \"CVE-2015-5214\", \"CVE-2016-4324\");\n script_xref(name:\"GLSA\", value:\"201611-03\");\n\n script_name(english:\"GLSA-201611-03 : LibreOffice, OpenOffice: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201611-03\n(LibreOffice, OpenOffice: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice. Please review the referenced CVE’s for specific\n information regarding each.\n \nImpact :\n\n Remote attackers could obtain sensitive information, cause a Denial of\n Service condition, or execute arbitrary code.\n \nWorkaround :\n\n There is no known work around at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201611-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All LibreOffice users should upgrade their respective packages to the\n latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/libreoffice-5.1.4.2'\n # emerge --ask --oneshot --verbose\n '>=app-office/libreoffice-bin-debug-5.1.4.2'\n All OpenOffice users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/openoffice-bin-4.1.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libreoffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libreoffice-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openoffice-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-office/libreoffice\", unaffected:make_list(\"ge 5.1.4.2\"), vulnerable:make_list(\"lt 5.1.4.2\"))) flag++;\nif (qpkg_check(package:\"app-office/libreoffice-bin\", unaffected:make_list(\"ge 5.1.4.2\"), vulnerable:make_list(\"lt 5.1.4.2\"))) flag++;\nif (qpkg_check(package:\"app-office/openoffice-bin\", unaffected:make_list(\"ge 4.1.2\"), vulnerable:make_list(\"lt 4.1.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"LibreOffice / OpenOffice\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:25:38", "description": "It was discovered that LibreOffice incorrectly handled RTF document files. \nIf a user were tricked into opening a specially crafted RTF document, a \nremote attacker could cause LibreOffice to crash, and possibly execute \narbitrary code.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-29T00:00:00", "type": "ubuntu", "title": "LibreOffice vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-06-29T00:00:00", "id": "USN-3022-1", "href": "https://ubuntu.com/security/notices/USN-3022-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-06-08T06:02:06", "description": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-08T19:59:00", "type": "debiancve", "title": "CVE-2016-4324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-07-08T19:59:00", "id": "DEBIANCVE:CVE-2016-4324", "href": "https://security-tracker.debian.org/tracker/CVE-2016-4324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T13:57:12", "description": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-08T19:59:00", "type": "cve", "title": "CVE-2016-4324", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:libreoffice:libreoffice:5.1.3", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2016-4324", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:libreoffice:libreoffice:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"]}], "debian": [{"lastseen": "2021-12-08T04:57:21", "description": "Package : libreoffice\nVersion : 1:3.5.4+dfsg2-0+deb7u7\nCVE ID : CVE-2016-4324\n\nAleksandar Nikolic discovered that missing input sanitising in\nthe RTF parser in Libreoffice may result in the execution of\narbitrary code if a malformed documented is opened.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1:3.5.4+dfsg2-0+deb7u7.\n\nWe recommend that you upgrade your libreoffice packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-08-03T07:45:35", "type": "debian", "title": "[SECURITY] [DLA 581-1] libreoffice security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-08-03T07:45:35", "id": "DEBIAN:DLA-581-1:3B241", "href": "https://lists.debian.org/debian-lts-announce/2016/08/msg00003.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-23T21:59:30", "description": "Package : libreoffice\nVersion : 1:3.5.4+dfsg2-0+deb7u7\nCVE ID : CVE-2016-4324\n\nAleksandar Nikolic discovered that missing input sanitising in\nthe RTF parser in Libreoffice may result in the execution of\narbitrary code if a malformed documented is opened.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1:3.5.4+dfsg2-0+deb7u7.\n\nWe recommend that you upgrade your libreoffice packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-08-03T07:45:35", "type": "debian", "title": "[SECURITY] [DLA 581-1] libreoffice security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-08-03T07:45:35", "id": "DEBIAN:DLA-581-1:ABF84", "href": "https://lists.debian.org/debian-lts-announce/2016/08/msg00003.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-23T00:41:02", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3608-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJune 29, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libreoffice\nCVE ID : CVE-2016-4324\n\nAleksandar Nikolic discovered that missing input sanitising in the RTF\nparser in Libreoffice may result in the execution of arbitrary code if\na malformed documented is opened.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1:4.3.3-2+deb8u5.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1:5.1.4~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:5.1.4~rc1-1.\n\nWe recommend that you upgrade your libreoffice packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-29T19:18:50", "type": "debian", "title": "[SECURITY] [DSA 3608-1] libreoffice security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-06-29T19:18:50", "id": "DEBIAN:DSA-3608-1:00C2E", "href": "https://lists.debian.org/debian-security-announce/2016/msg00186.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2021-09-03T04:42:53", "description": "A use-after-free vulnerability was found in the Rich Text Format (RTF) document format parser in LibreOffice. By tricking a user into opening a specially crafted RTF document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-29T13:19:04", "type": "redhatcve", "title": "CVE-2016-4324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2021-05-28T01:15:55", "id": "RH:CVE-2016-4324", "href": "https://access.redhat.com/security/cve/cve-2016-4324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-03-05T18:52:00", "description": "The host is installed with LibreOffice\n and is prone to use-after-free vulnerability.", "cvss3": {}, "published": "2016-07-12T00:00:00", "type": "openvas", "title": "LibreOffice Use-after-free Vulnerability July16 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310808575", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808575", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# LibreOffice Use-after-free Vulnerability July16 (Mac OS X)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:libreoffice:libreoffice\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808575\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-4324\");\n script_bugtraq_id(91499);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-12 11:29:23 +0530 (Tue, 12 Jul 2016)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"LibreOffice Use-after-free Vulnerability July16 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with LibreOffice\n and is prone to use-after-free vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to insufficient validation\n of RTF parser validity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"LibreOffice version before 5.1.4 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to LibreOffice version\n 5.1.4 or 5.2.0 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_libreoffice_detect_macosx.nasl\");\n script_mandatory_keys(\"LibreOffice/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!libreVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:libreVer, test_version:\"5.1.4\"))\n{\n report = report_fixed_ver(installed_version:libreVer, fixed_version:\"5.1.4 or 5.2.0\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:54", "description": "Aleksandar Nikolic discovered that\nmissing input sanitising in the RTF parser in Libreoffice may result in the\nexecution of arbitrary code if a malformed documented is opened.", "cvss3": {}, "published": "2016-06-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3608-1 (libreoffice - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703608", "href": "http://plugins.openvas.org/nasl.php?oid=703608", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3608.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3608-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703608);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-4324\");\n script_name(\"Debian Security Advisory DSA 3608-1 (libreoffice - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-06-29 00:00:00 +0200 (Wed, 29 Jun 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3608.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libreoffice on Debian Linux\");\n script_tag(name: \"insight\", value: \"LibreOffice is a full-featured office\nproductivity suite that provides a near drop-in replacement for Microsoft(R)\nOffice.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1:4.3.3-2+deb8u5.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1:5.1.4~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:5.1.4~rc1-1.\n\nWe recommend that you upgrade your libreoffice packages.\");\n script_tag(name: \"summary\", value: \"Aleksandar Nikolic discovered that\nmissing input sanitising in the RTF parser in Libreoffice may result in the\nexecution of arbitrary code if a malformed documented is opened.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"fonts-opensymbol\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gir1.2-lokdocview-0.1\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-gstreamer\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-vlc\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base-core\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base-drivers\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-calc\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-common\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-dev\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-dev-doc\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-draw\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-evolution\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gnome\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gtk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gtk3\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ca\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-cs\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-da\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-de\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-dz\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-el\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-en-gb\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-en-us\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-es\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-et\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-eu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-fi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-fr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-gl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-hi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-hu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-it\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ja\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-km\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ko\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-nl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-om\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pt\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pt-br\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ru\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sv\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-tr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-vi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-zh-cn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-zh-tw\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-impress\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-java-common\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-kde\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-af\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-am\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ar\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-as\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ast\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-be\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bg\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-br\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bs\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ca\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-cs\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-cy\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-da\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-de\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-dz\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-el\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-gb\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-za\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-eo\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-es\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-et\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-eu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fa\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ga\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gd\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gug\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-he\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-id\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-in\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-is\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-it\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ja\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ka\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-kk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-km\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-kmr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ko\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-lt\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-lv\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ml\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nb\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ne\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nso\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-oc\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-om\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-or\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pa-in\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt-br\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ro\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ru\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-rw\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-si\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sl\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ss\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-st\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sv\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ta\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-te\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tg\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-th\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ts\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ug\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-uk\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-uz\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ve\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-vi\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-xh\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-za\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-cn\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-tw\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zu\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-librelogo\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-math\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-mysql-connector\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-officebean\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-ogltrans\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-pdfimport\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-report-builder\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-report-builder-bin\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-bsh\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-js\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-python\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-firebird\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-hsqldb\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-postgresql\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-breeze\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-galaxy\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-hicontrast\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-oxygen\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-sifr\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-tango\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-subsequentcheckbase\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-wiki-publisher\", ver:\"1.2.0+LibO5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-writer\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreofficekit-dev\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-uno\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"uno-libs3\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ure\", ver:\"1:5.1.4~rc1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"browser-plugin-libreoffice\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fonts-opensymbol\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-gstreamer\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-vlc\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base-core\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-base-drivers\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-calc\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-common\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-dev\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-dev-doc\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-draw\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-emailmerge\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-evolution\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gnome\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gtk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-gtk3\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ca\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-cs\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-da\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-de\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-dz\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-el\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-en-gb\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-en-us\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-es\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-et\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-eu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-fi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-fr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-gl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-hi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-hu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-it\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ja\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-km\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ko\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-nl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-om\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pt\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-pt-br\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-ru\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-sv\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-tr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-vi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-zh-cn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-help-zh-tw\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-impress\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-java-common\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-kde\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-af\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ar\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-as\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ast\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-be\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bg\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-br\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-bs\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ca\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-cs\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-cy\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-da\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-de\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-dz\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-el\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-gb\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-za\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-eo\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-es\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-et\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-eu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fa\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-fr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ga\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gd\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-gu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-he\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-hu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-id\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-in\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-is\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-it\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ja\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ka\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-kk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-km\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-kmr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ko\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ku\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-lt\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-lv\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ml\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-mr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nb\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ne\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-nso\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-oc\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-om\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-or\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pa-in\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt-br\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ro\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ru\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-rw\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-si\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sl\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ss\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-st\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-sv\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ta\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-te\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tg\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-th\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-tr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ts\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ug\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-uk\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-uz\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-ve\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-vi\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-xh\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-za\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-cn\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-tw\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-l10n-zu\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-librelogo\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-math\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-mysql-connector\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-officebean\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-ogltrans\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-pdfimport\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-presentation-minimizer\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-presenter-console\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-report-builder\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-report-builder-bin\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-bsh\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-js\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-script-provider-python\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-firebird\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-hsqldb\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-sdbc-postgresql\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-crystal\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-galaxy\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-hicontrast\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-oxygen\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-sifr\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-style-tango\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-subsequentcheckbase\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-wiki-publisher\", ver:\"1.1.2+LibO4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libreoffice-writer\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"openoffice.org-dtd-officedocument1.0\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-uno\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-uno\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"uno-libs3\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"uno-libs3-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ure\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ure-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-07-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for libreoffice USN-3022-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842819", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842819", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for libreoffice USN-3022-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842819\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-01 05:25:19 +0200 (Fri, 01 Jul 2016)\");\n script_cve_id(\"CVE-2016-4324\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for libreoffice USN-3022-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreoffice'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that LibreOffice incorrectly\n handled RTF document files. If a user were tricked into opening a specially\n crafted RTF document, a remote attacker could cause LibreOffice to crash, and\n possibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"libreoffice on Ubuntu 16.04 LTS,\n Ubuntu 15.10,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3022-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3022-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|16\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:3.5.7-0ubuntu11\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:5.1.4-0ubuntu1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:5.0.6-0ubuntu1\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T18:54:41", "description": "The host is installed with LibreOffice\n and is prone to use-after-free vulnerability.", "cvss3": {}, "published": "2016-07-12T00:00:00", "type": "openvas", "title": "LibreOffice Use-after-free Vulnerability July16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310808574", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808574", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# LibreOffice Use-after-free Vulnerability July16 (Windows)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:libreoffice:libreoffice\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808574\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-4324\");\n script_bugtraq_id(91499);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-12 11:01:16 +0530 (Tue, 12 Jul 2016)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"LibreOffice Use-after-free Vulnerability July16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with LibreOffice\n and is prone to use-after-free vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to insufficient validation\n of RTF parser validity.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"LibreOffice version before 5.1.4 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to LibreOffice version\n 5.1.4 or 5.2.0 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_libreoffice_detect_portable_win.nasl\");\n script_mandatory_keys(\"LibreOffice/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!libreVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less(version:libreVer, test_version:\"5.1.4\"))\n{\n report = report_fixed_ver(installed_version:libreVer, fixed_version:\"5.1.4 or 5.2.0\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:19", "description": "Aleksandar Nikolic discovered that\nmissing input sanitising in the RTF parser in Libreoffice may result in the\nexecution of arbitrary code if a malformed documented is opened.", "cvss3": {}, "published": "2016-06-29T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3608-1 (libreoffice - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703608", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703608", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3608.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3608-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703608\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-4324\");\n script_name(\"Debian Security Advisory DSA 3608-1 (libreoffice - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-29 00:00:00 +0200 (Wed, 29 Jun 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3608.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"libreoffice on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 1:4.3.3-2+deb8u5.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 1:5.1.4~rc1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:5.1.4~rc1-1.\n\nWe recommend that you upgrade your libreoffice packages.\");\n script_tag(name:\"summary\", value:\"Aleksandar Nikolic discovered that\nmissing input sanitising in the RTF parser in Libreoffice may result in the\nexecution of arbitrary code if a malformed documented is opened.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"fonts-opensymbol\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"gir1.2-lokdocview-0.1\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-gstreamer\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-vlc\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base-core\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base-drivers\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-calc\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-common\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-dev\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-dev-doc\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-draw\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-evolution\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gnome\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gtk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gtk3\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ca\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-cs\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-da\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-de\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-dz\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-el\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-en-gb\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-en-us\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-es\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-et\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-eu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-fi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-fr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-gl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-hi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-hu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-it\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ja\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-km\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ko\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-nl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-om\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pt\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pt-br\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ru\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sv\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-tr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-vi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-zh-cn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-zh-tw\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-impress\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-java-common\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-kde\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-af\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-am\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ar\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-as\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ast\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-be\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bg\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-br\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bs\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ca\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-cs\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-cy\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-da\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-de\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-dz\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-el\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-gb\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-za\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-eo\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-es\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-et\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-eu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fa\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ga\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gd\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gug\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-he\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-id\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-in\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-is\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-it\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ja\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ka\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-kk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-km\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-kmr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ko\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-lt\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-lv\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ml\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nb\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ne\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nso\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-oc\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-om\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-or\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pa-in\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt-br\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ro\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ru\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-rw\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-si\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sl\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ss\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-st\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sv\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ta\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-te\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tg\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-th\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ts\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ug\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-uk\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-uz\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ve\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-vi\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-xh\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-za\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-cn\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-tw\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zu\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-librelogo\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-math\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-mysql-connector\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-officebean\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-ogltrans\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-pdfimport\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-report-builder\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-report-builder-bin\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-bsh\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-js\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-python\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-firebird\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-hsqldb\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-postgresql\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-breeze\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-galaxy\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-hicontrast\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-oxygen\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-sifr\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-tango\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-subsequentcheckbase\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-wiki-publisher\", ver:\"1.2.0+LibO5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-writer\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreofficekit-dev\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-uno\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"uno-libs3\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ure\", ver:\"1:5.1.4~rc1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"browser-plugin-libreoffice\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"fonts-opensymbol\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-gstreamer\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-avmedia-backend-vlc\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base-core\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-base-drivers\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-calc\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-common\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-core\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-dev\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-dev-doc\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-draw\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-emailmerge\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-evolution\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gnome\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gtk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-gtk3\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ca\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-cs\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-da\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-de\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-dz\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-el\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-en-gb\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-en-us\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-es\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-et\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-eu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-fi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-fr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-gl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-hi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-hu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-it\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ja\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-km\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ko\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-nl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-om\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pt\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-pt-br\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-ru\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-sv\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-tr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-vi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-zh-cn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-help-zh-tw\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-impress\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-java-common\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-kde\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-af\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ar\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-as\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ast\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-be\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bg\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-br\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-bs\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ca\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-cs\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-cy\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-da\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-de\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-dz\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-el\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-gb\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-en-za\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-eo\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-es\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-et\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-eu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fa\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-fr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ga\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gd\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-gu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-he\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-hu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-id\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-in\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-is\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-it\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ja\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ka\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-kk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-km\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-kmr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ko\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ku\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-lt\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-lv\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ml\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-mr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nb\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ne\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-nso\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-oc\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-om\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-or\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pa-in\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-pt-br\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ro\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ru\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-rw\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-si\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sl\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ss\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-st\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-sv\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ta\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-te\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tg\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-th\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-tr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ts\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ug\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-uk\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-uz\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-ve\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-vi\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-xh\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-za\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-cn\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zh-tw\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-l10n-zu\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-librelogo\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-math\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-mysql-connector\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-officebean\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-ogltrans\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-pdfimport\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-presentation-minimizer\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-presenter-console\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-report-builder\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-report-builder-bin\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-bsh\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-js\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-script-provider-python\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-firebird\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-hsqldb\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-sdbc-postgresql\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-crystal\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-galaxy\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-hicontrast\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-oxygen\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-sifr\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-style-tango\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-subsequentcheckbase\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-wiki-publisher\", ver:\"1.1.2+LibO4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libreoffice-writer\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openoffice.org-dtd-officedocument1.0\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-uno\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-uno\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"uno-libs3\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"uno-libs3-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ure\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ure-dbg\", ver:\"1:4.3.3-2+deb8u5\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-07-10T00:00:00", "type": "openvas", "title": "Fedora Update for libreoffice FEDORA-2016-f0552e1341", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310808548", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808548", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreoffice FEDORA-2016-f0552e1341\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808548\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:19:40 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-4324\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libreoffice FEDORA-2016-f0552e1341\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreoffice'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libreoffice on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-f0552e1341\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FV6XBUV3UYAWZUN6NODPYC5QIBWMKD2C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreoffice\", rpm:\"libreoffice~5.0.6.2~9.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "talos": [{"lastseen": "2022-01-26T11:54:27", "description": "### SUMMARY\n\nAn exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable application.\n\n### TESTED VERSIONS\n\nThe Document Foundation LibreOffice 5.0.4\n\n### PRODUCT URLs\n\n<https://www.libreoffice.org/download/libreoffice-fresh/>\n\n### CVSSv3 SCORE\n\n[6.3] - [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L]\n\n### DETAILS\n\nLibreOffice is a popular open source office suite. An use after free vulnerability is present in the RTF parser of the lates release. The core of the vulnerability lies in the way documents containing both stylesheet and superscript tokens are parsed. A malformed document with `\\super` token in top group causes the invalid parser operation. A minimal example testcase triggering the vulnerability is:\n \n \n {\\rtf1\n {\\stylesheet {;}}\n Hello world \\super hello\n }\n \n\nIt can be observed that the token `super` (a keyword for supperscript text) is in outermost group while the stylesheet is in its own inner group. In an usual RTF document, superscript would be in an inner group too.\n\nLooking at the code, for each new token a new parser state is pushed to the state stack:\n \n \n RTFError RTFDocumentImpl::pushState()\n {\n //SAL_INFO(\"writerfilter\", OSL_THIS_FUNC << \" before push: \" << m_pTokenizer->getGroup());\n \n checkUnicode(/*bUnicode =*/ true, /*bHex =*/ true);\n m_nGroupStartPos = Strm().Tell();\n \n if (m_aStates.empty())\n m_aStates.push(m_aDefaultState);\n else\n {\n // fdo#85812 group resets run type of _current_ and new state (but not RTL)\n m_aStates.top().eRunType = RTFParserState::LOCH;\n \n if (m_aStates.top().eDestination == Destination::MR)\n lcl_DestinationToMath(*m_aStates.top().pDestinationText, m_aMathBuffer, m_bMathNor);\n m_aStates.push(m_aStates.top());\n }\n m_aStates.top().aDestinationText.setLength(0); // was copied: always reset!\n \n\nIt should be noted that variable `m_aStates` above is of type `RTFStack` which is a warper for STL deque container. In this specific case, the states are popped and subsequently freed in the `popState` method, specifically at line 5844:\n \n \n m_aStates.pop();\n m_pTokenizer->popGroup();\n \n\nBy observing the process under debugger, it can be observed that `popState` is called one time too many, leading to an access to an invalid pointer which eventually crashes the process at:\n \n \n writerfilter::Reference<Properties>::Pointer_t RTFDocumentImpl::getProperties(RTFSprms& rAttributes, RTFSprms& rSprms)\n {\n int nStyle = 0;\n if (!m_aStates.empty())\n nStyle = m_aStates.top().nCurrentStyleIndex;\n RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.find(nStyle);\n if (it != m_aStyleTableEntries.end())\n {\n RTFReferenceProperties& rProps = *static_cast<RTFReferenceProperties*>(it->second.get());\n \n // cloneAndDeduplicate() wants to know about only a single \"style\", so\n // let's merge paragraph and character style properties here.\n int nCharStyle = m_aStates.top().nCurrentCharacterStyleIndex; // crashes here\n \n\nThe invalid memory being dereferenced ultimately comes from a previously used chunk on the heap of size 0x50 which is allocated during one of the `pushState` calls:\n \n \n gdb$ bt\n #0 0xffffffff in void std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::_M_push_back_aux<writerfilter::rtftok::RTFParserState const&>(writerfilter::rtftok::RTFParserState const&) ()\n at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n #1 0xffffffff in writerfilter::rtftok::RTFDocumentImpl::pushState() () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n #2 0xffffffff in writerfilter::rtftok::RTFTokenizer::resolveParse() () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n #3 0xffffffff in writerfilter::rtftok::RTFDocumentImpl::resolve(writerfilter::Stream&) () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n #4 0xffffffff in RtfFilter::filter(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n #5 0xffffffff in SfxObjectShell::ImportFrom(SfxMedium&, com::sun::star::uno::Reference<com::sun::star::text::XTextRange> const&) () at /opt/libreoffice5.0/program/libmergedlo.so\n #6 0xffffffff in SfxObjectShell::DoLoad(SfxMedium*) () at /opt/libreoffice5.0/program/libmergedlo.so\n #7 0xffffffff in SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) () at /opt/libreoffice5.0/program/libmergedlo.so\n \n\nA truncated callstack shows that the debugger is stopped inside a `push_back` method of the RTFStack deque.\n \n \n gdb$ x/10i $pc-5\n 0xabc26224 <+192>: call 0xabbff5a0 <operator new(unsigned int)@plt>\n => 0xabc26229 <+197>: mov edx,DWORD PTR [ebp-0x1c]\n 0xabc2622c <+200>: add esp,0xc\n 0xabc2622f <+203>: mov DWORD PTR [ebp-0x24],edx\n 0xabc26232 <+206>: mov ecx,eax\n 0xabc26234 <+208>: mov eax,edx\n 0xabc26236 <+210>: sub eax,edi\n 0xabc26238 <+212>: shr eax,1\n 0xabc2623a <+214>: lea edi,[ecx+eax*4]\n 0xabc2623d <+217>: push edi\n \n\nDisassembly of at the breakpoint shows a call to a new operator which allocates an array of 18 unsigned ints. The heap chunk returned is in `eax` and can be observed to be in use:\n \n \n gdb$ x/x $eax\n 0x873c200: 0xb5131968\n gdb$ x/x $eax-4\n 0x873c1fc: 0x00000051\n \n\nThe chunk is located at 0x873c200 and is 80 bytes in size. This chunk is later freed in a `popState` call but it\u2019s content is ultimately accessed again just before the crash. The program crashes inside ` writerfilter::Reference::Pointer_t RTFDocumentImpl::getProperties`:\n \n \n Program received signal SIGSEGV, Segmentation fault.\n gdb$ x/3i $pc-8\n 0xabc03898 <+156>: call 0xabc1e6de <std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::back()>\n 0xabc0389d <+161>: add esp,0xc\n => 0xabc038a0 <+164>: mov eax,DWORD PTR [eax+0x1c4]\n gdb$ i r eax\n eax 0x19 0x19\n gdb$ \n \n\nIn the above debugger output, the process crashes due to a read access violation. Contents of register `eax` above come from the previous call to `back`:\n \n \n gdb$ disassemble 0xabc1e6de\n Dump of assembler code for function _ZNSt5dequeIN12writerfilter6rtftok14RTFParserStateESaIS2_EE4backEv:\n 0xabc1e6de <+0>: push ebp\n 0xabc1e6df <+1>: mov ebp,esp\n 0xabc1e6e1 <+3>: mov edx,DWORD PTR [ebp+0x8]\n 0xabc1e6e4 <+6>: mov eax,DWORD PTR [edx+0x18]\n 0xabc1e6e7 <+9>: cmp eax,DWORD PTR [edx+0x1c]\n 0xabc1e6ea <+12>: mov ecx,DWORD PTR [edx+0x24]\n 0xabc1e6ed <+15>: jne 0xabc1e6f7 <std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::back()+25>\n 0xabc1e6ef <+17>: mov eax,DWORD PTR [ecx-0x4] [1]\n 0xabc1e6f2 <+20>: add eax,0x1d4\n 0xabc1e6f7 <+25>: sub eax,0x1d4\n 0xabc1e6fc <+30>: pop ebp\n 0xabc1e6fd <+31>: ret \n End of assembler dump.\n gdb$ x/x $ecx-4\n 0x873c214: 0x00000019\n \n\nIn the above disassembly, the final value of eax ultimately comes from an address pointed at by `ecx-4` [1] which actually points inside the previously freed chunk. Observe that the buffer is inside the chunk (chunk was at 0x873c200 and was 80 bytes) which has been allocated by another part of the code in the mean time.\n\nFurther memory layout control could potentially allow for more abuse and ultimately for code execution. By careful heap manipulation, a dereferenced pointer can be put under control which can be demonstrated by the following (shortened) testcase:\n \n \n {\\rtf{\\upr{\\ud{\\fonttbl{}}}}\n {\\stylesheet\n { Normal;}\n }\n \\super a}AAAAAAA.....\n \n\nOpening the above testcase in LibreOffice results in the same crash but with obvious control over the pointer:\n \n \n Program received signal SIGSEGV, Segmentation fault.\n [----------------------------------registers-----------------------------------]\n EAX: 0x41414141 ('AAAA')\n EBX: 0xabd6e460 --> 0x187244 \n ECX: 0x88595c8 --> 0x8810440 --> 0x880ff08 --> 0xabd69840 (:rtftok::RTFDocumentImpl+8>: 0xabc01cf6)\n EDX: 0x880ff48 --> 0x88595b0 --> 0xb5131870 --> 0x885bbc0 --> 0x0 \n ESI: 0xbfffd7d4 --> 0xabc1e74c (<std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count(std::__shared_count<(__gnu_cxx::_Lock_policy)2> const&)+14>: add ecx,0x14fd14)\n EDI: 0x88103e4 --> 0x0 \n EBP: 0xbfffd808 --> 0xbfffd898 --> \n ESP: 0xbfffd79c --> 0xbfffd7bc --> 0x882d7b8 --> 0x1 \n EIP: 0xabc038a0 (<writerfilter::rtftok::RTFDocumentImpl::getProperties(writerfilter::rtftok::RTFSprms&, writerfilter::rtftok::RTFSprms&)+164>: mov eax,DWORD PTR [eax+0x1c4])\n EFLAGS: 0x210286 (carry PARITY adjust zero SIGN trap INTERRUPT direction overflow)\n [-------------------------------------code-------------------------------------]\n 0xabc03895 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+153>: mov DWORD PTR [ebp-0x64],eax\n 0xabc03898 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+156>: call 0xabc1e6de <std::deque::back()>\n 0xabc0389d <writerfilter::rtftok::RTFDocumentImpl::getProperties()+161>: add esp,0xc\n => 0xabc038a0 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+164>: mov eax,DWORD PTR [eax+0x1c4]\n 0xabc038a6 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+170>: mov DWORD PTR [ebp-0x3c],eax\n 0xabc038a9 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+173>: lea eax,[ebp-0x3c]\n 0xabc038ac <writerfilter::rtftok::RTFDocumentImpl::getProperties()+176>: push eax\n 0xabc038ad <writerfilter::rtftok::RTFDocumentImpl::getProperties()+177>: push edi\n 0xabc038a0 in writerfilter::rtftok::RTFDocumentImpl::getProperties() () from /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n gdb$\n \n\nFurther process and memory state manipulation is needed to possibly turn this arbitrary read into code execution.\n\n### CRASH INFORMATION\n \n \n Program received signal SIGSEGV, Segmentation fault.\n 0xabc038a0 in writerfilter::rtftok::RTFDocumentImpl::getProperties(writerfilter::rtftok::RTFSprms&, writerfilter::rtftok::RTFSprms&) () from /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\n Missing separate debuginfos, use: debuginfo-install libreoffice5.0-5.0.4.2-2.i586\n (gdb) exploitable\n Description: Access violation on source operand\n Short description: SourceAv (19/22)\n Hash: af3c01fefebc302b00a13ca8b7b6f323.5bf63181b180fb2d4e93814d425f662e\n Exploitability Classification: UNKNOWN\n Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.\n Other tags: AccessViolation (21/22)\n (gdb) \n \n\n### TIMELINE\n\n2016-04-13 - Initial Vendor Contact \n2016-06-27 - Public Release \n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-27T00:00:00", "type": "talos", "title": "The Document Foundation LibreOffice RTF Stylesheet Code Execution Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-06-27T00:00:00", "id": "TALOS-2016-0126", "href": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0126", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:20:49", "description": "### *Detect date*:\n06/28/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nLack of validation was found in LibreOffice. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RTF file.\n\n### *Affected products*:\nLibreOffice versions earlier than 5.1.4\n\n### *Solution*:\nUpdate to the latest version \n[LibreOffice download page](<http://www.libreoffice.org/download/libreoffice-fresh/>)\n\n### *Original advisories*:\n[LibreOffice advisory](<http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[LibreOffice](<https://threats.kaspersky.com/en/product/LibreOffice/>)\n\n### *CVE-IDS*:\n[CVE-2016-4324](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4324>)6.8High", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-28T00:00:00", "type": "kaspersky", "title": "KLA10837 Code execution vulnerabilities in LibreOffice", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2020-06-03T00:00:00", "id": "KLA10837", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10837/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nTalos reports:\n\nAn exploitable Use After Free vulnerability exists in the\n\t RTF parser LibreOffice. A specially crafted file can cause a use after\n\t free resulting in a possible arbitrary code execution. To exploit the\n\t vulnerability a malicious file needs to be opened by the user via\n\t vulnerable application.\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-27T00:00:00", "type": "freebsd", "title": "libreoffice -- use-after-free vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-06-27T00:00:00", "id": "3159CD70-4AAA-11E6-A7BD-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/3159cd70-4aaa-11e6-a7bd-14dae9d210b8.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:36", "description": "A use after free vulnerability was found in the RTF parser of\nLibreOffice. The vulnerability lies in the parsing of documents\ncontaining both stylesheet and superscript tokens. A specially crafted\nRTF document containing both a stylesheet and superscript element\ncauses LibreOffice to access an invalid pointer referencing previously\nused memory on the heap. By carefully manipulating the contents of the\nheap, this vulnerability can be used to execute arbitrary code.", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-05T00:00:00", "type": "archlinux", "title": "libreoffice-fresh: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-07-05T00:00:00", "id": "ASA-201607-3", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:42:58", "description": "A use-after-free vulnerability exists in the RTF parser of the LibreOffice office suite. The vulnerability is due to invalid parsing of stylesheets in RTF files. By enticing the user to open a specially crafted RTF file, an attacker could exploit this vulnerability to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-06T00:00:00", "type": "checkpoint_advisories", "title": "LibreOffice RTF parser Use After Free (CVE-2016-4324)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-07-14T00:00:00", "id": "CPAI-2016-0590", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:46:32", "description": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote\nattackers to execute arbitrary code via a crafted RTF file, related to\nstylesheet and superscript tokens.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-29T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4324", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-06-29T00:00:00", "id": "UB:CVE-2016-4324", "href": "https://ubuntu.com/security/CVE-2016-4324", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated libreoffice packages fix security vulnerability: Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents can be constructed which dereference an iterator to the first entry of an empty STL container (CVE-2016-4324). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-08T19:50:51", "type": "mageia", "title": "Updated libreoffice packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324"], "modified": "2016-07-08T19:50:50", "id": "MGASA-2016-0246", "href": "https://advisories.mageia.org/MGASA-2016-0246.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T12:14:18", "description": "### SUMMARY\r\nAn exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable application.\r\n\r\n### TESTED VERSIONS\r\nThe Document Foundation LibreOffice 5.0.4\r\n\r\n### PRODUCT URLs\r\nhttps://www.libreoffice.org/download/libreoffice-fresh/\r\n\r\n### CVSSv3 SCORE\r\n[6.3] - [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L]\r\n\r\n### DETAILS\r\nLibreOffice is a popular open source office suite. An use after free vulnerability is present in the RTF parser of the lates release. The core of the vulnerability lies in the way documents containing both stylesheet and superscript tokens are parsed. A malformed document with `\\super` token in top group causes the invalid parser operation. A minimal example testcase triggering the vulnerability is:\r\n```\r\n{\\rtf1\r\n {\\stylesheet {;}}\r\nHello world \\super hello\r\n}\r\n```\r\nIt can be observed that the token `super` (a keyword for supperscript text) is in outermost group while the stylesheet is in its own inner group. In an usual RTF document, superscript would be in an inner group too.\r\nLooking at the code, for each new token a new parser state is pushed to the state stack:\r\n```\r\n RTFError RTFDocumentImpl::pushState()\r\n {\r\n //SAL_INFO(\"writerfilter\", OSL_THIS_FUNC << \" before push: \" << m_pTokenizer->getGroup());\r\n\r\n checkUnicode(/*bUnicode =*/ true, /*bHex =*/ true);\r\n m_nGroupStartPos = Strm().Tell();\r\n\r\n if (m_aStates.empty())\r\n m_aStates.push(m_aDefaultState);\r\n else\r\n {\r\n // fdo#85812 group resets run type of _current_ and new state (but not RTL)\r\n m_aStates.top().eRunType = RTFParserState::LOCH;\r\n\r\n if (m_aStates.top().eDestination == Destination::MR)\r\n lcl_DestinationToMath(*m_aStates.top().pDestinationText, m_aMathBuffer, m_bMathNor);\r\n m_aStates.push(m_aStates.top());\r\n }\r\n m_aStates.top().aDestinationText.setLength(0); // was copied: always reset!\r\n```\r\n\r\nIt should be noted that variable `m_aStates` above is of type `RTFStack` which is a warper for STL deque container. In this specific case, the states are popped and subsequently freed in the `popState` method, specifically at line 5844:\r\n```\r\n m_aStates.pop();\r\n m_pTokenizer->popGroup();\r\n```\r\n\r\nBy observing the process under debugger, it can be observed that `popState` is called one time too many, leading to an access to an invalid pointer which eventually crashes the process at:\r\n```\r\n writerfilter::Reference<Properties>::Pointer_t RTFDocumentImpl::getProperties(RTFSprms& rAttributes, RTFSprms& rSprms)\r\n {\r\n int nStyle = 0;\r\n if (!m_aStates.empty())\r\n nStyle = m_aStates.top().nCurrentStyleIndex;\r\n RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.find(nStyle);\r\n if (it != m_aStyleTableEntries.end())\r\n {\r\n RTFReferenceProperties& rProps = *static_cast<RTFReferenceProperties*>(it->second.get());\r\n\r\n // cloneAndDeduplicate() wants to know about only a single \"style\", so\r\n // let's merge paragraph and character style properties here.\r\n int nCharStyle = m_aStates.top().nCurrentCharacterStyleIndex; // crashes here\r\n```\r\n\r\nThe invalid memory being dereferenced ultimately comes from a previously used chunk on the heap of size 0x50 which is allocated during one of the `pushState` calls:\r\n```\r\n gdb$ bt\r\n #0 0xffffffff in void std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::_M_push_back_aux<writerfilter::rtftok::RTFParserState const&>(writerfilter::rtftok::RTFParserState const&) ()\r\n at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n #1 0xffffffff in writerfilter::rtftok::RTFDocumentImpl::pushState() () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n #2 0xffffffff in writerfilter::rtftok::RTFTokenizer::resolveParse() () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n #3 0xffffffff in writerfilter::rtftok::RTFDocumentImpl::resolve(writerfilter::Stream&) () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n #4 0xffffffff in RtfFilter::filter(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) () at /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n #5 0xffffffff in SfxObjectShell::ImportFrom(SfxMedium&, com::sun::star::uno::Reference<com::sun::star::text::XTextRange> const&) () at /opt/libreoffice5.0/program/libmergedlo.so\r\n #6 0xffffffff in SfxObjectShell::DoLoad(SfxMedium*) () at /opt/libreoffice5.0/program/libmergedlo.so\r\n #7 0xffffffff in SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) () at /opt/libreoffice5.0/program/libmergedlo.so\r\n```\r\n\r\nA truncated callstack shows that the debugger is stopped inside a `push_back` method of the RTFStack deque.\r\n```\r\n gdb$ x/10i $pc-5\r\n 0xabc26224 <+192>: call 0xabbff5a0 <operator new(unsigned int)@plt>\r\n => 0xabc26229 <+197>: mov edx,DWORD PTR [ebp-0x1c]\r\n 0xabc2622c <+200>: add esp,0xc\r\n 0xabc2622f <+203>: mov DWORD PTR [ebp-0x24],edx\r\n 0xabc26232 <+206>: mov ecx,eax\r\n 0xabc26234 <+208>: mov eax,edx\r\n 0xabc26236 <+210>: sub eax,edi\r\n 0xabc26238 <+212>: shr eax,1\r\n 0xabc2623a <+214>: lea edi,[ecx+eax*4]\r\n 0xabc2623d <+217>: push edi\r\n```\r\n\r\nDisassembly of at the breakpoint shows a call to a new operator which allocates an array of 18 unsigned ints. The heap chunk returned is in eax and can be observed to be in use:\r\n```\r\n gdb$ x/x $eax\r\n 0x873c200: 0xb5131968\r\n gdb$ x/x $eax-4\r\n 0x873c1fc: 0x00000051\r\n```\r\n\r\nThe chunk is located at 0x873c200 and is 80 bytes in size. This chunk is later freed in a `popState` call but it's content is ultimately accessed again just before the crash. The program crashes inside `writerfilter::Reference<Properties>::Pointer_t RTFDocumentImpl::getProperties`:\r\n```\r\n Program received signal SIGSEGV, Segmentation fault.\r\n gdb$ x/3i $pc-8\r\n 0xabc03898 <+156>: call 0xabc1e6de <std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::back()>\r\n 0xabc0389d <+161>: add esp,0xc\r\n => 0xabc038a0 <+164>: mov eax,DWORD PTR [eax+0x1c4]\r\n gdb$ i r eax\r\n eax 0x19 0x19\r\n gdb$ \r\n```\r\n\r\nIn the above debugger output, the process crashes due to a read access violation. Contents of register `eax` above come from the previous call to `back`:\r\n```\r\n gdb$ disassemble 0xabc1e6de\r\n Dump of assembler code for function _ZNSt5dequeIN12writerfilter6rtftok14RTFParserStateESaIS2_EE4backEv:\r\n 0xabc1e6de <+0>: push ebp\r\n 0xabc1e6df <+1>: mov ebp,esp\r\n 0xabc1e6e1 <+3>: mov edx,DWORD PTR [ebp+0x8]\r\n 0xabc1e6e4 <+6>: mov eax,DWORD PTR [edx+0x18]\r\n 0xabc1e6e7 <+9>: cmp eax,DWORD PTR [edx+0x1c]\r\n 0xabc1e6ea <+12>: mov ecx,DWORD PTR [edx+0x24]\r\n 0xabc1e6ed <+15>: jne 0xabc1e6f7 <std::deque<writerfilter::rtftok::RTFParserState, std::allocator<writerfilter::rtftok::RTFParserState> >::back()+25>\r\n 0xabc1e6ef <+17>: mov eax,DWORD PTR [ecx-0x4] [1]\r\n 0xabc1e6f2 <+20>: add eax,0x1d4\r\n 0xabc1e6f7 <+25>: sub eax,0x1d4\r\n 0xabc1e6fc <+30>: pop ebp\r\n 0xabc1e6fd <+31>: ret \r\n End of assembler dump.\r\n gdb$ x/x $ecx-4\r\n 0x873c214: 0x00000019\r\n```\r\n\r\nIn the above disassembly, the final value of eax ultimately comes from an address pointed at by `ecx-4` [1] which actually points inside the previously freed chunk. Observe that the buffer is inside the chunk (chunk was at 0x873c200 and was 80 bytes) which has been allocated by another part of the code in the mean time.\r\n\r\nFurther memory layout control could potentially allow for more abuse and ultimately for code execution. By careful heap manipulation, a dereferenced pointer can be put under control which can be demonstrated by the following (shortened) testcase:\r\n```\r\n {\\rtf{\\upr{\\ud{\\fonttbl{}}}}\r\n {\\stylesheet\r\n { Normal;}\r\n }\r\n \\super a}AAAAAAA.....\r\n```\r\n\r\nOpening the above testcase in LibreOffice results in the same crash but with obvious control over the pointer:\r\n```\r\n Program received signal SIGSEGV, Segmentation fault.\r\n [----------------------------------registers-----------------------------------]\r\n EAX: 0x41414141 ('AAAA')\r\n EBX: 0xabd6e460 --> 0x187244 \r\n ECX: 0x88595c8 --> 0x8810440 --> 0x880ff08 --> 0xabd69840 (:rtftok::RTFDocumentImpl+8>: 0xabc01cf6)\r\n EDX: 0x880ff48 --> 0x88595b0 --> 0xb5131870 --> 0x885bbc0 --> 0x0 \r\n ESI: 0xbfffd7d4 --> 0xabc1e74c (<std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count(std::__shared_count<(__gnu_cxx::_Lock_policy)2> const&)+14>: add ecx,0x14fd14)\r\n EDI: 0x88103e4 --> 0x0 \r\n EBP: 0xbfffd808 --> 0xbfffd898 --> \r\n ESP: 0xbfffd79c --> 0xbfffd7bc --> 0x882d7b8 --> 0x1 \r\n EIP: 0xabc038a0 (<writerfilter::rtftok::RTFDocumentImpl::getProperties(writerfilter::rtftok::RTFSprms&, writerfilter::rtftok::RTFSprms&)+164>: mov eax,DWORD PTR [eax+0x1c4])\r\n EFLAGS: 0x210286 (carry PARITY adjust zero SIGN trap INTERRUPT direction overflow)\r\n [-------------------------------------code-------------------------------------]\r\n 0xabc03895 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+153>: mov DWORD PTR [ebp-0x64],eax\r\n 0xabc03898 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+156>: call 0xabc1e6de <std::deque::back()>\r\n 0xabc0389d <writerfilter::rtftok::RTFDocumentImpl::getProperties()+161>: add esp,0xc\r\n => 0xabc038a0 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+164>: mov eax,DWORD PTR [eax+0x1c4]\r\n 0xabc038a6 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+170>: mov DWORD PTR [ebp-0x3c],eax\r\n 0xabc038a9 <writerfilter::rtftok::RTFDocumentImpl::getProperties()+173>: lea eax,[ebp-0x3c]\r\n 0xabc038ac <writerfilter::rtftok::RTFDocumentImpl::getProperties()+176>: push eax\r\n 0xabc038ad <writerfilter::rtftok::RTFDocumentImpl::getProperties()+177>: push edi\r\n 0xabc038a0 in writerfilter::rtftok::RTFDocumentImpl::getProperties() () from /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n gdb$\r\n```\r\n\r\nFurther process and memory state manipulation is needed to possibly turn this arbitrary read into code execution.\r\n\r\n### CRASH INFORMATION\r\n```\r\n Program received signal SIGSEGV, Segmentation fault.\r\n 0xabc038a0 in writerfilter::rtftok::RTFDocumentImpl::getProperties(writerfilter::rtftok::RTFSprms&, writerfilter::rtftok::RTFSprms&) () from /opt/libreoffice5.0/program/../program/libwriterfilterlo.so\r\n Missing separate debuginfos, use: debuginfo-install libreoffice5.0-5.0.4.2-2.i586\r\n (gdb) exploitable\r\n Description: Access violation on source operand\r\n Short description: SourceAv (19/22)\r\n Hash: af3c01fefebc302b00a13ca8b7b6f323.5bf63181b180fb2d4e93814d425f662e\r\n Exploitability Classification: UNKNOWN\r\n Explanation: The target crashed on an access violation at an address matching the source operand of the current instruction. This likely indicates a read access violation.\r\n Other tags: AccessViolation (21/22)\r\n (gdb) \r\n```\r\n\r\n### TIMELINE\r\n* 2016-04-13 - Initial Vendor Contact \r\n* 2016-06-27 - Public Release", "cvss3": {}, "published": "2017-10-19T00:00:00", "type": "seebug", "title": "The Document Foundation LibreOffice RTF Stylesheet Code Execution Vulnerability(CVE-2016-4324)", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2016-4324"], "modified": "2017-10-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-96735", "id": "SSV:96735", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:36", "description": "[1:5.0.6.2-5.0.1.1]\n- Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile\n- Build with --with-vendor='Oracle America, Inc.'\n[1:5.0.6.2-5.1]\n- Resolves: rhbz#1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and\n Writer\n[1:5.0.6.2-5]\n- Resolves: rhbz#1426348 Encrypted files opening as plain text after\n cancelling password dialog\n[1:5.0.6.2-4]\n- Resolves: rhbz#1425535 crash in calc on exit after using csv dialog with a11y enabled\n- Resolves: rhbz#1425536 crash in calc on closing dialog with a11y enabled\n[1:5.0.6.2-3]\n- Resolves: rhbz#1364335 tooltips are truncated\n[1:5.0.6.2-2]\n- Resolves: rhbz#1353839 CVE-2016-4324 dereference of invalid STL iterator on\n processing RTF file\n[1:5.0.6.2-1]\n- Related: rhbz#1290148 rebase to 5.0.6\n- Related: rhbz#1290148 include more fixes from F-23\n[1:5.0.5.2-2]\n- Related: rhbz#1290148 remove unintentional dependency of libreoffice-core on\n libreoffice-calc\n- Related: rhbz#1290148 restore lost changelog entry\n- Related: rhbz#1290148 add additional 5.0.6 patches\n[1:5.0.5.2-1]\n- Resolves: rhbz#1290148 rebase to 5.0.x", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-12T00:00:00", "type": "oraclelinux", "title": "libreoffice security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4324", "CVE-2017-3157"], "modified": "2017-04-12T00:00:00", "id": "ELSA-2017-0914", "href": "http://linux.oracle.com/errata/ELSA-2017-0914.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:37", "description": "libcmis\n[0.5.1-2]\n- Resolves: rhbz#1330591 fix Google Drive login\n- Related: rhbz#1330591 fix changelog entry\n[0.5.1-1]\n- Related: rhbz#1290152 new upstream release\n[0.5.0-2]\n- Related: rhbz#1290152 autoreconf is not needed\n- Related: rhbz#1290152 add a bunch of fixes found by coverity\n[0.5.0-1]\n- Resolves: rhbz#1290152 rebase to 0.5.0\nlibpagemaker\n[0.0.3-1]\n- Related: rhbz#1290155 new upstream release\n[0.0.2-9]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[0.0.2-8]\n- Rebuilt for Boost 1.60\n[0.0.2-7]\n- Rebuilt for Boost 1.59\n[0.0.2-6]\n- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159\n[0.0.2-5]\n- rebuild for Boost 1.58\n[0.0.2-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[0.0.2-3]\n- Rebuilt for GCC 5 C++11 ABI change\n[0.0.2-2]\n- Rebuild for boost 1.57.0\n[0.0.2-1]\n- new upstream release\n[0.0.1-1]\n- new upstream release\nlibreoffice\n[1:5.0.6.2-3.0.1]\n- Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile\n- Build with --with-vendor='Oracle America, Inc.'\n[1:5.0.6.2-3]\n- Resolves: rhbz#1364335 tooltips are truncated\n[1:5.0.6.2-2]\n- Resolves: rhbz#1353839 CVE-2016-4324 dereference of invalid STL iterator on\n processing RTF file\n[1:5.0.6.2-1]\n- Related: rhbz#1290148 rebase to 5.0.6\n- Related: rhbz#1290148 include more fixes from F-23\n[1:5.0.5.2-2]\n- Related: rhbz#1290148 remove unintentional dependency of libreoffice-core on\n libreoffice-calc\n- Related: rhbz#1290148 restore lost changelog entry\n- Related: rhbz#1290148 add additional 5.0.6 patches\n[1:5.0.5.2-1]\n- Resolves: rhbz#1290148 rebase to 5.0.x\nmdds\n[0.12.1-1]\n- Resolves: rhbz#1290153 rebase to 0.12.1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-09T00:00:00", "type": "oraclelinux", "title": "libreoffice security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0794", "CVE-2016-0795", "CVE-2016-4324"], "modified": "2016-11-09T00:00:00", "id": "ELSA-2016-2579", "href": "http://linux.oracle.com/errata/ELSA-2016-2579.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:06:20", "description": "### Background\n\nLibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. \n\nApache OpenOffice is the leading open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more. \n\n### Description\n\nMultiple vulnerabilities have been found in both LibreOffice and OpenOffice. Please review the referenced CVE\u2019s for specific information regarding each. \n\n### Impact\n\nRemote attackers could obtain sensitive information, cause a Denial of Service condition, or execute arbitrary code. \n\n### Workaround\n\nThere is no known work around at this time.\n\n### Resolution\n\nAll LibreOffice users should upgrade their respective packages to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/libreoffice-5.1.4.2\"\n # emerge --ask --oneshot --verbose\n \">=app-office/libreoffice-bin-debug-5.1.4.2\"\n \n\nAll OpenOffice users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/openoffice-bin-4.1.2\"", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-04T00:00:00", "type": "gentoo", "title": "LibreOffice, OpenOffice: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4551", "CVE-2015-5212", "CVE-2015-5213", "CVE-2015-5214", "CVE-2016-4324"], "modified": "2017-04-17T00:00:00", "id": "GLSA-201611-03", "href": "https://security.gentoo.org/glsa/201611-03", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}