4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.012 Low
EPSS
Percentile
85.0%
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libreoffice | < 1:3.5.4+dfsg-3 | libreoffice_1:3.5.4+dfsg-3_all.deb |
Debian | 11 | all | libreoffice | < 1:3.5.4+dfsg-3 | libreoffice_1:3.5.4+dfsg-3_all.deb |
Debian | 999 | all | libreoffice | < 1:3.5.4+dfsg-3 | libreoffice_1:3.5.4+dfsg-3_all.deb |
Debian | 13 | all | libreoffice | < 1:3.5.4+dfsg-3 | libreoffice_1:3.5.4+dfsg-3_all.deb |