KLA10837Code execution vulnerabilities in LibreOffice

2016-06-28T00:00:00
ID KLA10837
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-07-05T00:00:00

Description

CVSS:

6.8

Detect date:

06/28/2016

Severity:

High

Description:

Lack of validation was found in LibreOffice. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RTF file.

Affected products:

LibreOffice versions earlier than 5.1.4

Solution:

Update to the latest version
LibreOffice download page

Original advisories:

LibreOffice advisory

Impacts:

ACE

Related products:

LibreOffice

CVE-IDS:

CVE-2016-4324