RHEL 6 : libreoffice (RHSA-2017:0979)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

An update for libreoffice is now available for Red Hat Enterprise
Linux 6.

Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

LibreOffice is an open source, community-developed office productivity
suite. It includes key desktop applications, such as a word processor,
a spreadsheet, a presentation manager, a formula editor, and a drawing
program. LibreOffice replaces OpenOffice and provides a similar but
enhanced and extended office suite.

Security Fix(es) :

* It was found that LibreOffice disclosed contents of a file specified
in an embedded object's preview. An attacker could potentially use
this flaw to expose details of a system running LibreOffice as an
online service via a crafted document. (CVE-2017-3157)

See also :

https://www.redhat.com/security/data/cve/CVE-2017-3157.html
http://www.nessus.org/u?5f8c7b0c
http://rhn.redhat.com/errata/RHSA-2017-0979.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 99431 ()

Bugtraq ID:

CVE ID: CVE-2017-3157

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now