rpm package
suse/libixion&distro=SUSE Linux Enterprise Desktop 12 SP3
pkg:rpm/suse/libixion&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16858 | — | < 0.14.1-13.9.2 | 0.14.1-13.9.2 | Mar 25, 2019 | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho | ||
| CVE-2018-6871 | — | < 0.13.0-13.6.1 | 0.13.0-13.6.1 | Feb 9, 2018 | LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | ||
| CVE-2017-9433 | Cri | 9.8 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Jun 5, 2017 | Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. | |
| CVE-2017-9432 | Cri | 9.8 | < 0.13.0-13.6.1 | 0.13.0-13.6.1 | Jun 5, 2017 | Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. | |
| CVE-2017-8358 | Cri | 9.8 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Apr 30, 2017 | LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | |
| CVE-2017-7882 | Cri | 9.8 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Apr 15, 2017 | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |
| CVE-2017-7870 | Cri | 9.8 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Apr 14, 2017 | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | |
| CVE-2016-10327 | Cri | 9.8 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Apr 14, 2017 | LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | |
| CVE-2015-8947 | Hig | 7.6 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Jul 19, 2016 | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. | |
| CVE-2016-2052 | Hig | 7.6 | < 0.12.1-13.2.1 | 0.12.1-13.2.1 | Jan 25, 2016 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check |
- CVE-2018-16858Mar 25, 2019affected < 0.14.1-13.9.2fixed 0.14.1-13.9.2
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho
- CVE-2018-6871Feb 9, 2018affected < 0.13.0-13.6.1fixed 0.13.0-13.6.1
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
- affected < 0.13.0-13.6.1fixed 0.13.0-13.6.1
Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.
- affected < 0.12.1-13.2.1fixed 0.12.1-13.2.1
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check