LibreOffice < 3.5.3 RTF File Handling Remote Memory Corruption (Mac OS X)

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application affected by a memory
corruption vulnerability.

Description :

A version of LibreOffice prior to 3.5.3 is installed on the remote
Mac OS X host. It thus is reportedly affected by a memory corruption
vulnerability in its handling of RTF files.

By tricking a victim into opening a specially crafted RTF file, a
remote attacker may be able to execute arbitrary code on the host
subject to the privileges of the user running the affected
application.

See also :

http://shinnai.altervista.org/exploits/SH-016-20120416.html
http://www.nessus.org/u?79f70016

Solution :

Upgrade to LibreOffice version 3.5.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 59181 ()

Bugtraq ID: 53142

CVE ID: