Lucene search

K

Kaspersky LabKLA10700

HistoryNov 10, 2015 - 12:00 a.m.

KLA10700 Code execution vulnerability in LibreOffice

2015-11-1000:00:00

Kaspersky Lab

threats.kaspersky.com

28

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.2%

Detect date:

11/10/2015

Severity:

High

Description:

Lack of bookmarks restrictions was found in LibreOffice & OpenOffice. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed DOC file.

Affected products:

LibreOffice versions earlier than 4.4.6
LibreOffice 5 versions earlier than 5.0.1

Solution:

Update to the latest version
Get LibreOffice

Impacts:

ACE

Related products:

CVE-IDS:

CVE-2015-52146.8High

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/LibreOffice/

www.libreoffice.org/download/libreoffice-fresh/

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.2%

Related for KLA10700

ubuntucve1 kaspersky1 cve1 debiancve1 nessus15 openvas14 prion1 redhat1 veracode2 debian1 mageia1 centos1 ubuntu1 oraclelinux1 osv1 freebsd1 gentoo2