CVE-2016-0795 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libreoffice

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.5%

top 32.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libreoffice Debian Libreoffice Canonical Ubuntu Linux

Timeline

PublishedFeb 18

Latest updateMay 14

Description

LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/libreoffice< libreoffice 1:5.0.5~rc1-1 (bookworm)

▶Debianlibreoffice/libreoffice< 1:5.0.5~rc1-1+3

▶NVDlibreoffice/libreoffice5.0.4

Also affects: Ubuntu Linux 12.04, 14.04, 15.10

🔴Vulnerability Details

GHSA

GHSA-8w74-7x35-c5pw: LibreOffice before 5↗2022-05-14

▶

OSV

CVE-2016-0795: LibreOffice before 5↗2016-02-18

▶

📋Vendor Advisories

Ubuntu

LibreOffice vulnerabilities↗2016-02-16

▶

Red Hat

libreoffice: Multiple out-of-bounds overflows in lwp filter↗2016-02-15

▶

Debian

CVE-2016-0795: libreoffice - LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (m...↗2016

▶

💬Community

Bugzilla

CVE-2016-0794 CVE-2016-0795 libreoffice: Multiple out-of-bounds overflows in lwp filter [fedora-all]↗2016-02-17

▶

Bugzilla

CVE-2016-0794 CVE-2016-0795 libreoffice: Multiple out-of-bounds overflows in lwp filter↗2016-02-11

▶