Category:   Application (Generic)  >   LibreOffice
Vendors:   libreoffice.org
(Oracle Issues Fix for Oracle Linux) LibreOffice Bugs Let Remote Users Obtain Files and Execute Arbitrary Code
SecurityTracker Alert ID:  1034416
SecurityTracker URL:  http://securitytracker.com/id/1034416
CVE Reference:   CVE-2015-4551, CVE-2015-5212, CVE-2015-5213
Date:  Dec 14 2015
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 4.4.5
Description:   Several vulnerabilities were reported in LibreOffice. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain files on the target system.

A remote user can create a specially crafted document that, when loaded by the target user, will trigger a bug in the handling of documents inserted into Writer or Calc via links, allowing access to arbitrary documents on the target user's system [CVE-2015-4551].

Federico "fox" Scrinzi reported this vulnerability.

A remote user can create an ODF file containing specially crafted PrinterSetup data that, when loaded by the target user, will execute arbitrary code on the target user's system [CVE-2015-5212].

A remote user can create a specially crafted DOC file that, when loaded by the target user, will trigger an integer overflow and execute arbitrary code on the target user's system [CVE-2015-5213].

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code or obtain files on the target user's system.
Solution:   Oracle has issued a fix.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2015-2619.html

Vendor URL:  linux.oracle.com/errata/ELSA-2015-2619.html
Cause:   Access control error, Boundary error
Underlying OS:  Linux (Oracle)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Nov 5 2015 LibreOffice Bugs Let Remote Users Obtain Files and Execute Arbitrary Code



 Source Message Contents

Subject:  [El-errata] ELSA-2015-2619 Moderate: Oracle Linux 7 libreoffice security update

Oracle Linux Security Advisory ELSA-2015-2619

http://linux.oracle.com/errata/ELSA-2015-2619.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
autocorr-af-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-bg-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ca-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-cs-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-da-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-de-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-en-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-es-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-fa-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-fi-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-fr-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ga-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-hr-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-hu-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-is-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-it-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ja-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ko-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-lb-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-lt-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-mn-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-nl-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-pl-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-pt-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ro-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-ru-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-sk-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-sl-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-sr-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-sv-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-tr-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-vi-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
autocorr-zh-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
libreoffice-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-base-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-bsh-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-calc-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-core-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-draw-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-emailmerge-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-filters-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-gdb-debug-support-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-glade-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-graphicfilter-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-headless-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-impress-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-af-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ar-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-as-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-bg-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-bn-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-br-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ca-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-cs-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-cy-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-da-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-de-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-dz-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-el-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-en-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-es-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-et-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-eu-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-fa-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-fi-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-fr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ga-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-gl-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-gu-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-he-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-hi-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-hr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-hu-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-it-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ja-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-kk-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-kn-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ko-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-lt-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-lv-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-mai-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ml-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-mr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-nb-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-nl-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-nn-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-nr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-nso-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-or-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-pa-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-pl-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-pt-BR-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-pt-PT-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ro-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ru-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-si-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-sk-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-sl-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-sr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ss-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-st-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-sv-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ta-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-te-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-th-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-tn-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-tr-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ts-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-uk-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-ve-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-xh-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-zh-Hans-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-zh-Hant-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-langpack-zu-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-librelogo-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-math-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-nlpsolver-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-officebean-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-ogltrans-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-opensymbol-fonts-4.3.7.2-5.0.1.el7_2.1.noarch.rpm
libreoffice-pdfimport-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-postgresql-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-pyuno-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-rhino-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-sdk-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-sdk-doc-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-ure-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-wiki-publisher-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-writer-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm
libreoffice-xsltfilter-4.3.7.2-5.0.1.el7_2.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libreoffice-4.3.7.2-5.0.1.el7_2.1.src.rpm



Description of changes:

[4.3.7.2-5.0.1.1]
- Replaced RedHat colors with Oracle colors, and the filename redhat.soc 
with oracle.soc in specfile
- Build with --with-vendor="Oracle America, Inc."

[1:4.3.7.2-5.1]
- Resolves: rhbz#1285820 various flaws
- CVE-2015-4551 Arbitrary file disclosure in Calc and Writer
- CVE-2015-5212 Integer underflow in PrinterSetup length
- CVE-2015-5213 Integer overflow in DOC files
- CVE-2015-5214 Bookmarks in DOC documents are insufficiently checked
   causing memory corruption


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
 
 

