rpm package
suse/libmwaw&distro=SUSE Linux Enterprise Workstation Extension 12 SP3
pkg:rpm/suse/libmwaw&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-6871 | — | < 0.3.13-7.9.1 | 0.3.13-7.9.1 | Feb 9, 2018 | LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | ||
| CVE-2017-9433 | Cri | 9.8 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Jun 5, 2017 | Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. | |
| CVE-2017-9432 | Cri | 9.8 | < 0.3.13-7.9.1 | 0.3.13-7.9.1 | Jun 5, 2017 | Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. | |
| CVE-2017-8358 | Cri | 9.8 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Apr 30, 2017 | LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | |
| CVE-2017-7882 | Cri | 9.8 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Apr 15, 2017 | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |
| CVE-2017-7870 | Cri | 9.8 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Apr 14, 2017 | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | |
| CVE-2016-10327 | Cri | 9.8 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Apr 14, 2017 | LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | |
| CVE-2015-8947 | Hig | 7.6 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Jul 19, 2016 | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. | |
| CVE-2016-2052 | Hig | 7.6 | < 0.3.11-7.5.1 | 0.3.11-7.5.1 | Jan 25, 2016 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check |
- CVE-2018-6871Feb 9, 2018affected < 0.3.13-7.9.1fixed 0.3.13-7.9.1
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
- affected < 0.3.13-7.9.1fixed 0.3.13-7.9.1
Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052.
- affected < 0.3.11-7.5.1fixed 0.3.11-7.5.1
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check