CVE-2015-5213

CWE-189 CWE-190 — Integer Overflow9 documents8 sources

Severity

6.8MEDIUM

EPSS

22.8%

top 4.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Openoffice Libreoffice Libreoffice Canonical Ubuntu Linux +1 more

Timeline

PublishedNov 10

Latest updateMay 17

Description

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶NVDapache/openoffice4.1.1

▶Debianlibreoffice< 1:5.0.1~rc1-1+3

▶NVDlibreoffice/libreoffice4.4.4

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.04

🔴Vulnerability Details

GHSA

GHSA-4jm9-44mg-28r7: Integer overflow in LibreOffice before 4↗2022-05-17

▶

OSV

CVE-2015-5213: Integer overflow in LibreOffice before 4↗2015-11-10

▶

CVEList

CVE-2015-5213: Integer overflow in LibreOffice before 4↗2015-11-10

▶

📋Vendor Advisories

Ubuntu

LibreOffice vulnerabilities↗2015-11-05

▶

Red Hat

libreoffice: Integer overflow in DOC files↗2015-11-04

▶

Debian

CVE-2015-5213: libreoffice - Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 ...↗2015

▶

💬Community

Bugzilla

CVE-2015-5213 libreoffice: Integer overflow in DOC files [fedora-all]↗2015-11-06

▶

Bugzilla

CVE-2015-5213 libreoffice: Integer overflow in DOC files↗2015-11-06

▶