Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310806598
HistoryNov 16, 2015 - 12:00 a.m.

LibreOffice Multiple Vulnerabilities (Nov 2015) - Mac OS X

2015-11-1600:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
9

7.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.095 Low

EPSS

Percentile

94.7%

JSON

LibreOffice is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:libreoffice:libreoffice";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.806598");
  script_version("2024-02-09T05:06:25+0000");
  script_cve_id("CVE-2015-5213", "CVE-2015-5212", "CVE-2015-4551");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"creation_date", value:"2015-11-16 17:31:07 +0530 (Mon, 16 Nov 2015)");
  script_tag(name:"qod_type", value:"executable_version");
  script_name("LibreOffice Multiple Vulnerabilities (Nov 2015) - Mac OS X");

  script_tag(name:"summary", value:"LibreOffice is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - Usage of stored LinkUpdateMode configuration information in OpenDocument
    Format files and templates when handling links.

  - Integer underflow when the configuration setting 'Load printer settings with
  the document' is enabled.

  - Integer overflow via a long DOC file.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to obtain sensitive information, to cause a denial of service or
  possibly execute arbitrary code.");

  script_tag(name:"affected", value:"LibreOffice version before 4.4.5 on
  Mac OS X.");

  script_tag(name:"solution", value:"Upgrade to LibreOffice version
  4.4.5 or 5.0.0 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/77486");
  script_xref(name:"URL", value:"https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212");
  script_xref(name:"URL", value:"https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213");
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("General");
  script_dependencies("gb_libreoffice_detect_macosx.nasl");
  script_mandatory_keys("LibreOffice/MacOSX/Version");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!libreVer = get_app_version(cpe:CPE)){
  exit(0);
}

if(version_is_less(version:libreVer, test_version:"4.4.5"))
{
  report = 'Installed version: ' + libreVer + '\n' +
           'Fixed version:     4.4.5 or 5.0.0 or later\n';
  security_message(data:report);
  exit(0);
}

Related

nessus 16
kaspersky 2
openvas 13
mageia 1
centos 1
ubuntu 1
redhat 1
veracode 3
debian 1
osv 1
freebsd 2
oraclelinux 1
gentoo 2
prion 3
cve 3
debiancve 3
checkpoint_advisories 1
ubuntucve 3
nessus
nessus
LibreOffice < 4.4.5 Multiple Vulnerabilities (Mac OS X)
2015-11-17 00:00:00
LibreOffice < 4.4.5 Multiple Vulnerabilities
2015-11-17 00:00:00
Oracle Linux 6 / 7 : libreoffice (ELSA-2015-2619)
2015-12-15 00:00:00
kaspersky
kaspersky
KLA10699 Multiple vulnerabilities in LibreOffice
2015-11-10 00:00:00
KLA11372 Multiple vulnerabilities in OpenOffice
2015-11-10 00:00:00
openvas
openvas
LibreOffice Multiple Vulnerabilities (Nov 2015) - Windows
2015-11-16 00:00:00
Apache OpenOffice Multiple Vulnerabilities (Nov 2015) - Mac OS X
2015-11-16 00:00:00
Debian: Security Advisory (DSA-3394-1)
2015-11-04 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2015-11-11 00:26:39
centos
centos
autocorr, libreoffice security update
2015-12-14 23:10:44
ubuntu
ubuntu
LibreOffice vulnerabilities
2015-11-05 00:00:00
redhat
redhat
(RHSA-2015:2619) Moderate: libreoffice security update
2015-12-14 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-05-02 05:19:58
Buffer Overflow
2019-05-02 05:19:58
Information Disclosure
2019-01-15 09:09:06
debian
debian
[SECURITY] [DSA 3394-1] libreoffice security update
2015-11-05 18:47:46
osv
osv
libreoffice - security update
2015-11-05 00:00:00
freebsd
freebsd
OpenOffice 4.1.1 -- multiple vulnerabilities
2015-11-04 00:00:00
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations)
2016-07-17 00:00:00
oraclelinux
oraclelinux
libreoffice security update
2015-12-14 00:00:00
gentoo
gentoo
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-11-04 00:00:00
LibreOffice, OpenOffice: Multiple vulnerabilities
2016-03-09 00:00:00
prion
prion
Integer overflow
2015-11-10 17:59:00
Integer overflow
2015-11-10 17:59:00
Format string
2015-11-10 17:59:00
cve
cve
CVE-2015-5213
2015-11-10 17:59:00
CVE-2015-5212
2015-11-10 17:59:00
CVE-2015-4551
2015-11-10 17:59:00
debiancve
debiancve
CVE-2015-4551
2015-11-10 17:59:00
CVE-2015-5212
2015-11-10 17:59:00
CVE-2015-5213
2015-11-10 17:59:00
checkpoint_advisories
checkpoint_advisories
LibreOffice and OpenOffice ODF Document PrinterSetup Integer Underflow (CVE-2015-5212)
2016-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-5212
2015-11-03 00:00:00
CVE-2015-5213
2015-11-03 00:00:00
CVE-2015-4551
2015-11-03 00:00:00

7.6 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.095 Low

EPSS

Percentile

94.7%

JSON
Related for OPENVAS:1361412562310806598
nessus16kaspersky2openvas13mageia1centos1ubuntu1redhat1veracode3debian1osv1freebsd2oraclelinux1gentoo2prion3cve3debiancve3checkpoint_advisories1ubuntucve3