Download
| Alert*
oval:org.secpod.oval:def:33716
LibreOffice is installed oval:org.secpod.oval:def:40421 The host is installed with LibreOffice before 5.2.5 and is prone to a heap-buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted wmf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:40420 The host is installed with LibreOffice before 5.2.5 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted emf file. Successful exploitation could allow remote attackers to trigger a heap buffer overflow. oval:org.secpod.oval:def:40419 The host is installed with LibreOffice before 5.1.6 or 5.2.x before 5.2.2 and is prone to an arbitrary file disclosure vulnerability. A flaw is present in the application, which fails to handle embedded object. Successful exploitation could allow remote attackers to expose details of the environment ... oval:org.secpod.oval:def:63276 LibreOffice 6.4.x is installed oval:org.secpod.oval:def:35967 The host is installed with LibreOffice before 5.1.4.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle a crafted RTF file, related to stylesheet and supercript tokens. Successful exploitation could allow remote attackers to execute arbitrar ... oval:org.secpod.oval:def:44394 The host is installed with LibreOffice before 5.4.5 or 6.0 before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle =WEBSERVICE calls in a document. Successful exploitation could allow remote attackers to read arbitrary f ... oval:org.secpod.oval:def:45294 The host is installed with LibreOffice before 5.4.6.1 or 6.x before 6.0.2.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly validate a customizations index. Successful exploitation could allow remote attackers to crash the ser ... oval:org.secpod.oval:def:45295 The host is installed with LibreOffice before 5.4.5 or 6.x before 6.0.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle an incorrect integer data type in the StgSmallStrm class. Successful exploitation could allow remote attackers ... oval:org.secpod.oval:def:84996 The host is installed with LibreOffice 7.3.x before 7.3.6 or 7.4.x before 7.4.1 and is prone to an improper input validation vulnerability. A flaw is present in the application, which fails to properly handle office URI schemes. Successful exploitation allows attackers to call internal macros with a ... oval:org.secpod.oval:def:63274 The host is installed with LibreOffice 6.3.x before 6.3.6 or 6.4.x before 6.4.3 and is prone to a missing encryption vulnerability. A flaw is present in the application, which fails to handle encryption of auto-saved non ODF file format upon subsequent saves after crash. Successful exploitation coul ... |