rpm package
suse/libwps&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/libwps&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16858 | — | < 0.4.10-10.13.2 | 0.4.10-10.13.2 | Mar 25, 2019 | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho | ||
| CVE-2018-6871 | — | < 0.4.7-10.7.1 | 0.4.7-10.7.1 | Feb 9, 2018 | LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | ||
| CVE-2017-9433 | Cri | 9.8 | < 0.4.7-10.7.1 | 0.4.7-10.7.1 | Jun 5, 2017 | Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. | |
| CVE-2017-9432 | Cri | 9.8 | < 0.4.7-10.7.1 | 0.4.7-10.7.1 | Jun 5, 2017 | Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx. |
- CVE-2018-16858Mar 25, 2019affected < 0.4.10-10.13.2fixed 0.4.10-10.13.2
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho
- CVE-2018-6871Feb 9, 2018affected < 0.4.7-10.7.1fixed 0.4.7-10.7.1
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
- affected < 0.4.7-10.7.1fixed 0.4.7-10.7.1
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx.
- affected < 0.4.7-10.7.1fixed 0.4.7-10.7.1
Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to the DatabaseName::read function in lib/StarWriterStruct.cxx.