This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201209-05
(LibreOffice: Multiple vulnerabilities)
Multiple vulnerabilities have been found in LibreOffice:
The Microsoft Word Document parser contains an out-of-bounds read
The Raptor RDF parser contains an XML External Entity expansion error
The graphic loading parser contains an integer overflow error which
could cause a heap-based buffer overflow (CVE-2012-1149).
Multiple errors in the XML manifest handling code could cause a
heap-based buffer overflow (CVE-2012-2665).
A remote attacker could entice a user to open a specially crafted
document file using LibreOffice, possibly resulting in execution of
arbitrary code with the privileges of the process or a Denial of Service
There is no known workaround at this time.
See also :
All LibreOffice users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-office/libreoffice-220.127.116.11'
All users of the LibreOffice binary package should upgrade to the latest
# emerge --sync
# emerge --ask --oneshot --verbose
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false
Family: Gentoo Local Security Checks
Nessus Plugin ID: 62286 ()
Bugtraq ID: 49969526815357054769
CVE ID: CVE-2011-2713CVE-2012-0037CVE-2012-1149CVE-2012-2665
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.