Linux Distros Unpatched Vulnerability : CVE-2018-10119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows...

RHEL 6 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: LibreLogo global-event script execution CVE-2019-9851 - A vulnerability in OpenOffice's PPT...

Mageia: Security Advisory (MGASA-2018-0271)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LibreOffice < 5.4.5 or 6.x < 6.0.1 Multiple Vulnerabilities (macOS)

The version of LibreOffice installed on the remote macOS host is either 5.x prior to 5.4.5 or 6.x prior to 6.0.1. It is, therefore, affected by the following vulnerabilities: - An arbitrary file read vulnerability exists in the COM.MICROSOFT.WEBSERVICE function due to improper validation of a URL...

LibreOffice < 5.4.5 or 6.x < 6.0.1 Multiple Vulnerabilities

The version of LibreOffice installed on the remote Windows host is either 5.x prior to 5.4.5 or 6.x prior to 6.0.1. It is, therefore, affected by the following vulnerabilities: - An arbitrary file read vulnerability exists in the COM.MICROSOFT.WEBSERVICE function due to improper validation of a U...

Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20181030)

Security Fixes : - libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document CVE-2018-10119 - libreoffice: Out of bounds write in filter/ww8/ww8toolbar.cxx:SwCTBWrapper class allows for denial of service with crafted document...

RHEL 7 : libreoffice (RHSA-2018:3054)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3054 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...

Security update for libreoffice (moderate)

This update for libreoffice to 6.0.4.2 fixes lots of bugs and also the following issues: Security issues fixed: - CVE-2018-10120: The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx did not validate a customizations index, which allowed remote attackers to cause a denial of...

openSUSE Security Update : libreoffice (openSUSE-2018-467)

This update for libreoffice to 6.0.4.2 fixes lots of bugs and also the following issues : Security issues fixed : - CVE-2018-10120: The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx did not validate a customizations index, which allowed remote attackers to cause a denial of...

openSUSE: Security Advisory for libreoffice (openSUSE-SU-2018:1311-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 Security Update : libreoffice (SUSE-SU-2018:1296-1)

This update for libreoffice to 6.0.4.2 fixes lots of bugs and also the following issues: Security issues fixed : - CVE-2018-10120: The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx did not validate a customizations index, which allowed remote attackers to cause a denial of...

Fedora Update for libreoffice FEDORA-2018-e87eb1ae68

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4178-1 : libreoffice - security update

Two vulnerabilities were discovered in LibreOffice's code to parse MS Word and Structured Storage files, which could result in denial of service and potentially the execution of arbitrary code if a malformed file is opened. C Tenable Network Security, Inc. The descriptive text and package checks ...

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service use-after-free with write access or possibly have unspecified other impact via a crafted...

KLA11596 SB vulnerability in LibreOffice

Use after free vulnerability was found in Structured Storage parser. Malicious users can exploit this vulnerability via writing to recently freed data to bypass security restrictions. Original advisories CVE-2018-10119 Use After Free in Structured Storage parser Related products LibreOffice CVE...

LibreOffice 'StgSmallStrm' Function Memory Corruption Vulnerability - Windows

LibreOffice is prone to a memory corruption vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2018-10119

The CVE-2018-10119 issue affects LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1. It: (1) targets the sdstor/stgstrms.cxx StgSmallStrm class, using an incorrect integer data type; (2) allows remote attackers to trigger a denial of service via a crafted document in the structured storage (OLE2 w...