Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29647
HistoryJul 29, 2013 - 12:00 a.m.

CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability

2013-07-2900:00:00
vulners.com
20
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2013-4156
OpenOffice DOCM Memory Corruption Vulnerability

Severity: Important
Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 3.4.0 and 3.4.1, on all platforms.
Predecessor versions of OpenOffice.org may be also affected.

Description:

 The vulnerability is caused by mishandling of unknown XML elements

when parsing a OOXML document file. Specially crafted documents can be
used for memory-corruption attacks. Further exploits are possible but
have not been verified.

Mitigation

 Apache OpenOffice 3.4.0 and 3.4.1 users are advised to upgrade to

Apache OpenOffice 4.0. Users who are unable to upgrade immediately
should be cautious when opening untrusted documents.

Credits

 The Apache OpenOffice Security Team credits Jeremy Brown of

Microsoft Vulnerability Research as the discoverer of this flaw.

Herbert Durr
Member of the Apache OpenOffice Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJR8g+LAAoJEDfnuKc+PLjJPmkP/j3BnqefvmPbTicx8cZR+Q+I
Y0EqD/2Kvu0qQw6v7S27CnHVpErh9tvEfDViZpXz8hyds3LgVCxOQjFp+XSqvDTW
Ut4Ug1tx7N8+RcpTW7qM0/wRRWdjZIdh8sTrtkB93bqbJguLiYk3KWqK2cxW11q6
1fQitnAegZNRVZnSU0rGGVfnc26ulvS0gljpNqhvDit9jOXw5MC+aN05XmCrx/qK
NrGUUPJeiyi/5g0xxx4ig/N0/EvO1iZmQAGEE7O24tsoP1hqvuySI0U1kLIhI//x
ZdeK4JukZm2OQq0ACXJYhrU0mhfCfdaRW0U4NWiTpBbwfsn0uAMPBhXSO9O+YPQj
sWUzLixEg+4EtTQss9oGW+CBaZz+HfErIIUj2rxT01SDlbcfa4ME5giFGC0UO9Ai
1N+GHd8IyWegwUBWV3FSZ9fCbDjaQUCv8cYN3zMo/xl/AsA9LKEsJ0l51B1WnHnY
nwoXunUdgUL06blCZ4rwTzoFqSSPrCBDb/ff/PREGvJU4LOFTp6IrxgDH3ODSAE4
jOMuFCjhdDnx7WWDwxi9JnBYE4CwXmhlYNdSdie4pUP6BAq4e2I6kYRkKA3rWf2h
CEj1FreYvaYV4OFVcF8wVpP1w5vFgOlOKOy19Y/gP5B29qe2O5qIrFmnx8gPV2iV
7kLeWn4ZPoGXoPkC3TYa
=4hNB
-----END PGP SIGNATURE-----

Related

debiancve 1
nessus 5
cve 1
seebug 1
prion 1
kaspersky 1
ubuntucve 1
suse 2
securityvulns 1
openvas 2
debiancve
debiancve
CVE-2013-4156
2013-07-31 13:20:00
nessus
nessus
LibreOffice < 3.6.7 / 4.0.4 / 4.1.0 .docm Import DoS (Mac OS X)
2014-04-04 00:00:00
LibreOffice < 3.6.7 / 4.0.4 / 4.1.0 .docm Import DoS
2014-04-04 00:00:00
openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)
2014-09-16 00:00:00
cve
cve
CVE-2013-4156
2013-07-31 13:20:00
seebug
seebug
Apache OpenOffice DOCM内存破坏漏洞(CVE-2013-4156)
2013-07-30 00:00:00
prion
prion
Memory corruption
2013-07-31 13:20:00
kaspersky
kaspersky
KLA10243 DoS vulnerability in LibreOffice
2013-07-31 00:00:00
ubuntucve
ubuntucve
CVE-2013-4156
2013-07-31 00:00:00
suse
suse
Security update for LibreOffice (important)
2014-09-11 15:04:17
LibreOffice: two security fixes (important)
2014-09-15 09:04:13
securityvulns
securityvulns
Apache OpenOffice security vulnerabilities
2013-07-29 00:00:00
openvas
openvas
openSUSE: Security Advisory for LibreOffice (openSUSE-SU-2014:1126-1)
2014-09-16 00:00:00
SUSE: Security Advisory for LibreOffice (SUSE-SU-2014:1116-1)
2015-10-16 00:00:00
JSON
Related for SECURITYVULNS:DOC:29647
debiancve1nessus5cve1seebug1prion1kaspersky1ubuntucve1suse2securityvulns1openvas2