A use after free vulnerability was found in the RTF parser of
LibreOffice. The vulnerability lies in the parsing of documents
containing both stylesheet and superscript tokens. A specially crafted
RTF document containing both a stylesheet and superscript element
causes LibreOffice to access an invalid pointer referencing previously
used memory on the heap. By carefully manipulating the contents of the
heap, this vulnerability can be used to execute arbitrary code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | libreoffice-fresh | < 5.1.4-1 | UNKNOWN |