Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-5214

Published: 10/11/2015 Updated: 01/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Canonical

Vulnerability Summary

LibreOffice prior to 4.4.6 and 5.x prior to 5.0.1 and Apache OpenOffice prior to 4.1.2 allows remote malicious users to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 15.04

debian debian linux 7.0

debian debian linux 8.0

libreoffice libreoffice

apache openoffice

Vendor Advisories

Red Hat: Moderate: libreoffice security update
Synopsis Moderate: libreoffice security update Type/Severity Security Advisory: Moderate Topic Updated libreoffice packages that fixes multiple security issues are nowavailable for Red Hat Enterprise Linux 6 and 7Red Hat Product Security has rated this update as having Moderate securityimpact Common Vulne ...
Ubuntu Security Notice: libreoffice vulnerabilities
Several security issues were fixed in LibreOffice ...
Debian Security Advisories: DSA-3394-1 libreoffice -- security update
Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents Quoting from wwwlibreofficeorg/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode feature controls whether document ...
Red Hat: CVE-2015-5214
It was discovered that LibreOffice did not properly sanity check bookmark indexes By tricking a user into opening a specially crafted document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file ...

References

CWE-119http://www.debian.org/security/2015/dsa-3394http://www.ubuntu.com/usn/USN-2793-1http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/http://www.openoffice.org/security/cves/CVE-2015-5214.htmlhttp://www.securitytracker.com/id/1034086http://www.securitytracker.com/id/1034091http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/77486https://security.gentoo.org/glsa/201603-05http://rhn.redhat.com/errata/RHSA-2015-2619.htmlhttps://security.gentoo.org/glsa/201611-03https://access.redhat.com/errata/RHSA-2015:2619https://usn.ubuntu.com/2793-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-5214
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook