FreeBSD : Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations) (72f71e26-4f69-11e6-ac37-ac9e174be3af)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Apache OpenOffice Project reports :

An OpenDocument Presentation .ODP or Presentation Template .OTP file
can contain invalid presentation elements that lead to memory
corruption when the document is loaded in Apache OpenOffice Impress.
The defect may cause the document to appear as corrupted and
OpenOffice may crash in a recovery-stuck mode requiring manual
intervention. A crafted exploitation of the defect can allow an
attacker to cause denial of service (memory corruption and application
crash) and possible execution of arbitrary code.

See also :

http://www.openoffice.org/security/cves/CVE-2015-4551.html
http://www.nessus.org/u?fef31fc2

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 92504 ()

Bugtraq ID:

CVE ID: CVE-2016-1513

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now