Oracle Linux 6 / 7 : libreoffice (ELSA-2015-2619)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

From Red Hat Security Advisory 2015:2619 :

Updated libreoffice packages that fixes multiple security issues are
now available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

LibreOffice is an open source, community-developed office productivity
suite. It includes key desktop applications, such as a word processor,
a spreadsheet, a presentation manager, a formula editor, and a drawing
program. LibreOffice replaces OpenOffice and provides a similar but
enhanced and extended office suite.

It was discovered that LibreOffice did not properly restrict automatic
link updates. By tricking a victim into opening specially crafted
documents, an attacker could possibly use this flaw to disclose
contents of files accessible by the victim. (CVE-2015-4551)

An integer underflow flaw leading to a heap-based buffer overflow when
parsing PrinterSetup data was discovered. By tricking a user into
opening a specially crafted document, an attacker could possibly
exploit this flaw to execute arbitrary code with the privileges of the
user opening the file. (CVE-2015-5212)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way LibreOffice processed certain Microsoft Word .doc
files. By tricking a user into opening a specially crafted Microsoft
Word .doc document, an attacker could possibly use this flaw to
execute arbitrary code with the privileges of the user opening the
file. (CVE-2015-5213)

It was discovered that LibreOffice did not properly sanity check
bookmark indexes. By tricking a user into opening a specially crafted
document, an attacker could possibly use this flaw to execute
arbitrary code with the privileges of the user opening the file.
(CVE-2015-5214)

All libreoffice users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.

See also :

https://oss.oracle.com/pipermail/el-errata/2015-December/005626.html
https://oss.oracle.com/pipermail/el-errata/2015-December/005629.html

Solution :

Update the affected libreoffice packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 87365 ()

Bugtraq ID:

CVE ID: CVE-2015-4551
CVE-2015-5212
CVE-2015-5213
CVE-2015-5214

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now