CVE-2016-0794 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libreoffice

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.5%

top 34.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libreoffice Debian Libreoffice Canonical Ubuntu Linux

Timeline

PublishedFeb 18

Latest updateMay 14

Description

The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/libreoffice< libreoffice 1:5.0.5~rc1-1 (bookworm)

▶Debianlibreoffice/libreoffice< 1:5.0.5~rc1-1+3

▶NVDlibreoffice/libreoffice5.0.3

Also affects: Ubuntu Linux 12.04, 14.04, 15.10

🔴Vulnerability Details

GHSA

GHSA-h7v3-vhmj-p7g5: The lwp filter in LibreOffice before 5↗2022-05-14

▶

OSV

CVE-2016-0794: The lwp filter in LibreOffice before 5↗2016-02-18

▶

📋Vendor Advisories

Ubuntu

LibreOffice vulnerabilities↗2016-02-16

▶

Red Hat

libreoffice: Multiple out-of-bounds overflows in lwp filter↗2016-02-15

▶

Debian

CVE-2016-0794: libreoffice - The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a de...↗2016

▶

💬Community

Bugzilla

CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon↗2016-04-28

▶

Bugzilla

CVE-2016-0794 CVE-2016-0795 libreoffice: Multiple out-of-bounds overflows in lwp filter [fedora-all]↗2016-02-17

▶

Bugzilla

CVE-2016-0794 CVE-2016-0795 libreoffice: Multiple out-of-bounds overflows in lwp filter↗2016-02-11

▶