Posts Tagged ‘LibreOffice’

LibreOfficeAffected products: LibreOffice 3.x

Affected versions: LibreOffice versions up to 3.5.5.

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

1. An error in the processing hierarchy of tags in XML-files. This can be exploited to cause a heap overflow.

2. The vulnerability is caused due to a boundary error when duplicating some tags in XML-files. This can be exploited to cause a heap overflow.

3. An error in the implementation of the decoder Base64 when exporting XML-files. This can be exploited to cause a heap overflow. (more…)