Debian Libreoffice vulnerabilities

74 known vulnerabilities affecting debian/libreoffice.

Total CVEs
74
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH32MEDIUM13LOW21

Vulnerabilities

Page 4 of 4
CVE-2015-5213MEDIUMCVSS 6.8fixed in libreoffice 1:5.0.1~rc1-1 (bookworm)2015
CVE-2015-5213 [MEDIUM] CVE-2015-5213: libreoffice - Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 ... Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. Scope: local bookworm: resolved (fixed in 1:5.0.1~rc1-1) bullseye: resolved (fixed in 1:5.0.1~rc1-1
debian
CVE-2015-4551MEDIUMCVSS 4.3fixed in libreoffice 1:5.0.1~rc1-1 (bookworm)2015
CVE-2015-4551 [MEDIUM] CVE-2015-4551: libreoffice - LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored Link... LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. Scope: local bookworm: resol
debian
CVE-2014-0247CRITICALCVSS 10.0fixed in libreoffice 1:4.2.5-1 (bookworm)2014
CVE-2014-0247 [CRITICAL] CVE-2014-0247: libreoffice - LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspe... LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx. Scope: local bookworm: resolved (fixed in 1:4.2.5-1) bullseye: resolved (fixed in 1:4.2.5-1) forky: resolved (fixed in 1:4.2.5-1) sid: resolved (fixed in 1:4.2.5-1) trixie: resolved (fixed in 1:4.2.5-1)
debian
CVE-2014-3693HIGHCVSS 7.5fixed in libreoffice 1:4.3.3~rc2~git20141011-1 (bookworm)2014
CVE-2014-3693 [HIGH] CVE-2014-3693: libreoffice - Use-after-free vulnerability in the socket manager of Impress Remote in LibreOff... Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. Scope: local bookworm: resolved (fixed in 1:4.3.3~rc2~git20141011-1) bullseye: resolved (fixed in 1:4.3.3~
debian
CVE-2014-9093HIGHCVSS 7.5fixed in libreoffice 1:4.3.3-2 (bookworm)2014
CVE-2014-9093 [HIGH] CVE-2014-9093: libreoffice - LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (i... LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. Scope: local bookworm: resolved (fixed in 1:4.3.3-2) bullseye: resolved (fixed in 1:4.3.3-2) forky: resolved (fixed in 1:4.3.3-2) sid: resolved (fixed in 1:4.3.3-2) trixie: resolved (fixed in
debian
CVE-2013-2189LOWCVSS 6.8fixed in libreoffice 1:3.4.3-1 (bookworm)2013
CVE-2013-2189 [MEDIUM] CVE-2013-2189: libreoffice - Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial... Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. Scope: local bookworm: resolved (fixed in 1:3.4.3-1) bullseye: resolved (fixed in 1:3.4.3-1) forky: resolved (fixed in 1:3.4.3-1) sid: resolved (fixed in 1:3.4.3-1)
debian
CVE-2013-4156LOWCVSS 6.8fixed in libreoffice 1:4.1.0-1 (bookworm)2013
CVE-2013-4156 [MEDIUM] CVE-2013-4156: libreoffice - Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial... Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. Scope: local bookworm: resolved (fixed in 1:4.1.0-1) bullseye: resolved (fixed in 1:4.1.0-1) forky: resolved (fixed in 1:4.1.0-1) sid: resolved (fixed in 1:4.1.0
debian
CVE-2012-2665HIGHCVSS 7.5fixed in libreoffice 1:3.5.4-7 (bookworm)2012
CVE-2012-2665 [HIGH] CVE-2012-2665: libreoffice - Multiple heap-based buffer overflows in the XML manifest encryption tag parsing ... Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 Che
debian
CVE-2012-1149HIGHCVSS 7.5fixed in libreoffice 1:3.4.5-1 (bookworm)2012
CVE-2012-1149 [HIGH] CVE-2012-1149: libreoffice - Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, ... Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overf
debian
CVE-2012-2334MEDIUMCVSS 6.8fixed in libreoffice 1:3.5.2~rc2-1 (bookworm)2012
CVE-2012-2334 [MEDIUM] CVE-2012-2334: libreoffice - Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) ... Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow. Scope: lo
debian
CVE-2012-4233LOWCVSS 4.3fixed in libreoffice 1:3.5.4+dfsg-3 (bookworm)2012
CVE-2012-4233 [MEDIUM] CVE-2012-4233: libreoffice - LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo... LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (
debian
CVE-2012-5639LOWCVSS 6.52012
CVE-2012-5639 [MEDIUM] CVE-2012-5639: libreoffice - LibreOffice and OpenOffice automatically open embedded content LibreOffice and OpenOffice automatically open embedded content Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open
debian
CVE-2011-2685CRITICALCVSS 9.3fixed in libreoffice 1:3.3.3-1 (bookworm)2011
CVE-2011-2685 [CRITICAL] CVE-2011-2685: libreoffice - Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice b... Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. Scope: local bookworm: resolved (fixed in 1:3.3.3-1) bullseye: resolved (fixed in 1:3.3.3-1) forky: resolved (fixed in 1:3.3.3-1) sid: resolved (fixed in 1:3.3.3-1) trixie: resolved (fixed in 1:3
debian
CVE-2011-2713MEDIUMCVSS 4.3fixed in libreoffice 1:3.4.3-1 (bookworm)2011
CVE-2011-2713 [MEDIUM] CVE-2011-2713: libreoffice - oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assist... oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. Scope: local bookworm: resolved (fixed in 1:3.4.3-1) bullseye: resolved (fixed in 1:3.4.3-1) forky: resolved (fixed in 1:3.4.3-1) sid: resolved
debian
← Previous4 / 4
Debian Libreoffice vulnerabilities | cvebase