Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_LIBREOFFICE_445.NASL
HistoryNov 17, 2015 - 12:00 a.m.

LibreOffice < 4.4.5 Multiple Vulnerabilities (Mac OS X)

2015-11-1700:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.07 Low

EPSS

Percentile

94.0%

JSON

The version of LibreOffice installed on the remote Mac OS X host is prior to 4.4.5. It is, therefore, affected by the following vulnerabilities :

  • An information disclosure vulnerability exists due to the use of stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links. A remote attacker can exploit this, via a specially crafted ODF document, to to obtain sensitive information. (CVE-2015-4551)

  • An integer underflow condition exists in the ReadJobSetup() function due to improper validation of user-supplied input when handling printer settings. A remote attacker can exploit this, via specially crafted PrinterSetup data in an ODF document, to cause a denial of service condition or the execution of arbitrary code.
    (CVE-2015-5212)

  • An integer underflow condition exists in the WW8ScannerBase::OpenPieceTable() function due to improper validation of user-supplied input when handling the PieceTable counter. A remote attacker can exploit this, via a specially crafted .DOC file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-5213)

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(86902);
  script_version("1.9");
  script_cvs_date("Date: 2019/11/20");

  script_cve_id("CVE-2015-4551", "CVE-2015-5212", "CVE-2015-5213");

  script_name(english:"LibreOffice < 4.4.5 Multiple Vulnerabilities (Mac OS X)");
  script_summary(english:"Checks the version of LibreOffice.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has an application installed that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of LibreOffice installed on the remote Mac OS X host is
prior to 4.4.5. It is, therefore, affected by the following
vulnerabilities :

  - An information disclosure vulnerability exists due to
    the use of stored LinkUpdateMode configuration
    information in OpenDocument Format files and templates
    when handling links. A remote attacker can exploit this,
    via a specially crafted ODF document, to to obtain
    sensitive information. (CVE-2015-4551)

  - An integer underflow condition exists in the
    ReadJobSetup() function due to improper validation of
    user-supplied input when handling printer settings. A
    remote attacker can exploit this, via specially crafted
    PrinterSetup data in an ODF document, to cause a denial
    of service condition or the execution of arbitrary code.
    (CVE-2015-5212)

  - An integer underflow condition exists in the
    WW8ScannerBase::OpenPieceTable() function due to
    improper validation of user-supplied input when handling
    the PieceTable counter. A remote attacker can exploit
    this, via a specially crafted .DOC file, to cause a
    denial of service condition or the execution of
    arbitrary code. (CVE-2015-5213)

Note that Nessus has not attempted to exploit these issues but has
instead relied only on the application's self-reported version number.");
  # https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cdf2c164");
  # https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8a5c0096");
  # https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1b2d335c");
  script_set_attribute(attribute:"see_also", value:"http://listarchives.documentfoundation.org/www/announce/msg00241.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to LibreOffice version 4.4.5 (4.4.5.2) or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5213");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/11/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/07/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/11/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:libreoffice:libreoffice");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_libreoffice_installed.nasl");
  script_require_keys("installed_sw/LibreOffice", "Host/MacOSX/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");

app_name = "LibreOffice";

get_kb_item_or_exit("Host/MacOSX/Version");

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);
version = install['version'];
path    = install['path'];

if (
  # < 4.x
  version =~ "^[0-3]($|[^0-9])" ||
  # 4.x < 4.4.5
  version =~ "^(4\.[0-3]|4\.4\.[0-4])($|[^0-9])"
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 4.4.5 (4.4.5.2)' +
      '\n';
    security_warning(port:0, extra:report);
  }
  else security_warning(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);
VendorProductVersionCPE
libreofficelibreofficecpe:/a:libreoffice:libreoffice

Related

kaspersky 2
openvas 14
nessus 16
freebsd 2
osv 1
ubuntu 1
mageia 1
centos 1
oraclelinux 1
veracode 3
redhat 1
debian 1
gentoo 2
nvd 3
cvelist 3
prion 3
ubuntucve 3
debiancve 3
checkpoint_advisories 1
cve 3
kaspersky
kaspersky
KLA10699 Multiple vulnerabilities in LibreOffice
2015-11-10 00:00:00
KLA11372 Multiple vulnerabilities in OpenOffice
2015-11-10 00:00:00
openvas
openvas
LibreOffice Multiple Vulnerabilities (Nov 2015) - Windows
2015-11-16 00:00:00
LibreOffice Multiple Vulnerabilities (Nov 2015) - Mac OS X
2015-11-16 00:00:00
Debian Security Advisory DSA 3394-1 (libreoffice - security update)
2015-11-05 00:00:00
nessus
nessus
LibreOffice < 4.4.5 Multiple Vulnerabilities
2015-11-17 00:00:00
FreeBSD : OpenOffice 4.1.1 -- multiple vulnerabilities (18b3c61b-83de-11e5-905b-ac9e174be3af)
2015-11-06 00:00:00
CentOS 6 / 7 : libreoffice (CESA-2015:2619)
2015-12-15 00:00:00
freebsd
freebsd
OpenOffice 4.1.1 -- multiple vulnerabilities
2015-11-04 00:00:00
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations)
2016-07-17 00:00:00
osv
osv
libreoffice - security update
2015-11-05 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2015-11-05 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2015-11-11 00:26:39
centos
centos
autocorr, libreoffice security update
2015-12-14 23:10:44
oraclelinux
oraclelinux
libreoffice security update
2015-12-14 00:00:00
veracode
veracode
Buffer Overflow
2019-05-02 05:19:58
Remote Code Execution (RCE)
2019-05-02 05:19:58
Information Disclosure
2019-01-15 09:09:06
redhat
redhat
(RHSA-2015:2619) Moderate: libreoffice security update
2015-12-14 00:00:00
debian
debian
[SECURITY] [DSA 3394-1] libreoffice security update
2015-11-05 18:47:46
gentoo
gentoo
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-11-04 00:00:00
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-03-09 00:00:00
nvd
nvd
CVE-2015-5213
2015-11-10 17:59:03
CVE-2015-4551
2015-11-10 17:59:00
CVE-2015-5212
2015-11-10 17:59:02
cvelist
cvelist
CVE-2015-5213
2015-11-10 16:00:00
CVE-2015-5212
2015-11-10 16:00:00
CVE-2015-4551
2015-11-10 16:00:00
prion
prion
Integer overflow
2015-11-10 17:59:00
Integer overflow
2015-11-10 17:59:00
Format string
2015-11-10 17:59:00
ubuntucve
ubuntucve
CVE-2015-5213
2015-11-03 00:00:00
CVE-2015-5212
2015-11-03 00:00:00
CVE-2015-4551
2015-11-03 00:00:00
debiancve
debiancve
CVE-2015-5213
2015-11-10 17:59:03
CVE-2015-5212
2015-11-10 17:59:02
CVE-2015-4551
2015-11-10 17:59:00
checkpoint_advisories
checkpoint_advisories
LibreOffice and OpenOffice ODF Document PrinterSetup Integer Underflow (CVE-2015-5212)
2016-03-08 00:00:00
cve
cve
CVE-2015-5212
2015-11-10 17:59:02
CVE-2015-4551
2015-11-10 17:59:00
CVE-2015-5213
2015-11-10 17:59:03

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.07 Low

EPSS

Percentile

94.0%

JSON
Related for MACOSX_LIBREOFFICE_445.NASL
kaspersky2openvas14nessus16freebsd2osv1ubuntu1mageia1centos1oraclelinux1veracode3redhat1debian1gentoo2nvd3cvelist3prion3ubuntucve3debiancve3checkpoint_advisories1cve3