Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.851049 |
Categoría: | SuSE Local Security Checks |
Título: | SUSE: Security Advisory for LibreOffice (SUSE-SU-2014:1116-1) |
Resumen: | The remote host is missing an update for the 'LibreOffice'; package(s) announced via the referenced advisory. |
Descripción: | Summary: The remote host is missing an update for the 'LibreOffice' package(s) announced via the referenced advisory. Vulnerability Insight: LibreOffice was updated to version 4.0.3.3.26. (SUSE 4.0-patch26, tag suse-4.0-26, based on upstream 4.0.3.3). Two security issues have been fixed: * DOCM memory corruption vulnerability. (CVE-2013-4156, bnc#831578) * Data exposure using crafted OLE objects. (CVE-2014-3575, bnc#893141) The following non-security issues have been fixed: * chart shown flipped (bnc#834722) * chart missing dataset (bnc#839727) * import new line in text (bnc#828390) * lines running off screens (bnc#819614) * add set-all language menu (bnc#863021) * text rotation (bnc#783433, bnc#862510) * page border shadow testcase (bnc#817956) * one more clickable field fix (bnc#802888) * multilevel labels are rotated (bnc#820273) * incorrect nested table margins (bnc#816593) * use BitmapURL only if its valid (bnc#821567) * import gradfill for text colors (bnc#870234) * fix undo of paragraph attributes (bnc#828598) * stop-gap solution to avoid crash (bnc#830205) * import images with duotone filter (bnc#820077) * missing drop downs for autofilter (bnc#834705) * typos in first page style creation (bnc#820836) * labels wrongly interpreted as dates (bnc#834720) * RTF import of fFilled shape property (bnc#825305) * placeholders text size is not correct (bnc#831457) * cells value formatted with wrong output (bnc#821795) * RTF import of freeform shape coordinates (bnc#823655) * styles (rename & ) copy to different decks (bnc#757432) * XLSX Chart import with internal data table (bnc#819822) * handle M.d.yyyy date format in DOCX import (bnc#820509) * paragraph style in empty first page header (bnc#823651) * copying slides having same master page name (bnc#753460) * printing handouts using the default, 'Order' (bnc#835985) * wrap polygon was based on dest size of picture (bnc#820800) * added common flags support for SEQ field import (bnc#825976) * hyperlinks of illustration index in DOCX export (bnc#834035) * allow insertion of redlines with an empty author (bnc#837302) * handle drawinglayer rectangle inset in VML import (bnc#779642) * don't apply complex font size to non-complex font (bnc#820819) * issue with negative seeks in win32 shell extension (bnc#829017) * slide appears quite garbled when imported from PPTX (bnc#593612) * initial MCE support in writerfilter ooxml tokenizer (bnc#820503) * MSWord uses \xb for linebreaks in DB fields, take 2 (bnc#878854) * try harder to convert floating tables to text frames (bnc#779620) * itemstate in parent style incorrectly reported as set (bnc#819865) * default color h ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: LibreOffice on SUSE Linux Enterprise Desktop 11 SP3 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-4156 Bugtraq: 20130726 CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability (Google Search) http://seclists.org/bugtraq/2013/Jul/174 http://osvdb.org/95706 Common Vulnerability Exposure (CVE) ID: CVE-2014-3575 BugTraq ID: 69354 http://www.securityfocus.com/bid/69354 Bugtraq: 20140821 CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects (Google Search) http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html https://security.gentoo.org/glsa/201603-05 RedHat Security Advisories: RHSA-2015:0377 http://rhn.redhat.com/errata/RHSA-2015-0377.html http://www.securitytracker.com/id/1030754 http://secunia.com/advisories/59600 http://secunia.com/advisories/59877 XForce ISS Database: apache-openoffice-cve20143575-info-disc(95420) https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |