Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.805604
Categoría:General
Título:LibreOffice Multiple Vulnerabilities May15 (Windows)
Resumen:The host is installed with LibreOffice; and is prone to multiple vulnerabilities.
Descripción:Summary:
The host is installed with LibreOffice
and is prone to multiple vulnerabilities.

Vulnerability Insight:
The flaw is due to an overflow condition
in the Hangul Word Processor (HWP) filter that is triggered as user-supplied
input is not properly validated

Vulnerability Impact:
Successful exploitation will allow a
remote attacker to cause a denial of service or possibly execute arbitrary
code via a crafted HWP document access.

Affected Software/OS:
LibreOffice version before 4.3.7 and
4.4.x before 4.4.2 on Windows.

Solution:
Upgrade to LibreOffice version
4.3.7 or 4.4.2 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 74338
Common Vulnerability Exposure (CVE) ID: CVE-2015-1774
http://www.securityfocus.com/bid/74338
Debian Security Information: DSA-3236 (Google Search)
http://www.debian.org/security/2015/dsa-3236
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html
https://security.gentoo.org/glsa/201603-05
https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094
RedHat Security Advisories: RHSA-2015:1458
http://rhn.redhat.com/errata/RHSA-2015-1458.html
http://www.securitytracker.com/id/1032205
http://www.securitytracker.com/id/1032206
SuSE Security Announcement: openSUSE-SU-2015:0859 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html
http://www.ubuntu.com/usn/USN-2578-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.