Lucene search

K

[email protected]NVD:CVE-2015-5213

HistoryNov 10, 2015 - 5:59 p.m.

CVE-2015-5213

2015-11-1017:59:03

CWE-189

[email protected]

web.nvd.nist.gov

1

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.1%

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

Affected configurations

NVD

Node

canonicalubuntu_linuxMatch12.04lts

OR

canonicalubuntu_linuxMatch14.04lts

OR

canonicalubuntu_linuxMatch15.04

OR

debiandebian_linuxMatch7.0

OR

debiandebian_linuxMatch8.0

Node

apacheopenofficeRange≤4.1.1

Node

libreofficelibreofficeRange≤4.4.4

References

rhn.redhat.com/errata/RHSA-2015-2619.html

www.debian.org/security/2015/dsa-3394

www.libreoffice.org/about-us/security/advisories/cve-2015-5213/

www.openoffice.org/security/cves/CVE-2015-5213.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77486

www.securitytracker.com/id/1034085

www.securitytracker.com/id/1034091

www.ubuntu.com/usn/USN-2793-1

security.gentoo.org/glsa/201603-05

security.gentoo.org/glsa/201611-03

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.1%

Related for NVD:CVE-2015-5213

cvelist1 ubuntucve1 debiancve1 prion1 cve1 kaspersky2 nessus16 openvas14 redhat1 veracode2 debian1 mageia1 centos1 ubuntu1 oraclelinux1 osv1 freebsd1 gentoo2