LibreOffice 'DOC' File Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with LibreOffice and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code on the target system or cause denial of service. Impact Level: Application.

Solution

Upgrade to LibreOffice version 3.4.3 or later. For updates refer to http://www.libreoffice.org/download/

Insight

The flaw is due to an error in 'OpenOffice.org'. A remote user can create a specially crafted Word document that, when loaded by the target user, will trigger an out-of-bounds read and potentially execute arbitrary code on the target system.

Affected

LibreOffice version 3.3.0 and 3.4.0 through 3.4.2

References

http://osvdb.org/76178
http://seclists.org/bugtraq/2011/Oct/21
http://www.libreoffice.org/advisories/CVE-2011-2713/
http://www.securitytracker.com/id?102615

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2713

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

F-PROT AV 'ELF' Header Denial of Service Vulnerability
ddrLPD Remote Denial of Service Vulnerability
Ciscokits TFTP Server Long Filename Denial Of Service Vulnerability
Adobe Acrobat PDF File Denial Of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-05

LibreOffice 'DOC' File Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities