Kaspersky LabKLA10568KLA10568 Vulnerability in LibreOffice
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.7%
An unspecified vulnerability was found in LibreOffice 4.3.х before 4.3.7, LibreOffice 4.4.х before 4.4.2. By exploiting this vulnerability malicious users can cause denial of service (crash) or possibly execute arbitrary code. This vulnerability can be exploited via a crafted HWP document.
Original advisories
Related products
CVE list
CVE-2015-1774 high
Solution
Update to the latest versionLibreOffice 4.3.7
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Affected Products
- LibreOffice before 4.3.7
LibreOffice 4.4.х before 4.4.2
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.7%