Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-5213

Published: 10/11/2015 Updated: 01/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Debian

Vulnerability Summary

Integer overflow in LibreOffice prior to 4.4.5 and Apache OpenOffice prior to 4.1.2 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 7.0

canonical ubuntu linux 14.04

canonical ubuntu linux 15.04

debian debian linux 8.0

canonical ubuntu linux 12.04

apache openoffice

libreoffice libreoffice

Vendor Advisories

Red Hat: Moderate: libreoffice security update
Synopsis Moderate: libreoffice security update Type/Severity Security Advisory: Moderate Topic Updated libreoffice packages that fixes multiple security issues are nowavailable for Red Hat Enterprise Linux 6 and 7Red Hat Product Security has rated this update as having Moderate securityimpact Common Vulne ...
Ubuntu Security Notice: libreoffice vulnerabilities
Several security issues were fixed in LibreOffice ...
Debian Security Advisories: DSA-3394-1 libreoffice -- security update
Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents Quoting from wwwlibreofficeorg/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode feature controls whether document ...
Red Hat: CVE-2015-5213
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word doc files By tricking a user into opening a specially crafted Microsoft Word doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file ...

References

CWE-189http://www.debian.org/security/2015/dsa-3394http://www.ubuntu.com/usn/USN-2793-1http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/http://www.openoffice.org/security/cves/CVE-2015-5213.htmlhttp://www.securitytracker.com/id/1034091http://www.securitytracker.com/id/1034085http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/77486https://security.gentoo.org/glsa/201603-05http://rhn.redhat.com/errata/RHSA-2015-2619.htmlhttps://security.gentoo.org/glsa/201611-03https://access.redhat.com/errata/RHSA-2015:2619https://usn.ubuntu.com/2793-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-5213
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook