LibreOffice < 3.5.7 / 3.6.1 Multiple Denial of Service Vulnerabilities
Medium Nessus Plugin ID 73332
SynopsisThe remote host contains an application that is affected by multiple denial of service vulnerabilities.
DescriptionA version of LibreOffice prior to 3.5.7 / 3.6.1 is installed on the remote Windows host. It is, therefore, reportedly affected by multiple denial of service vulnerabilities in various import filters:
- Excel (.xls)
- Windows Meta File (.wmf)
- Open Document Format (.odg / .odt)
This could allow a remote attacker with a specially crafted file to crash the application upon loading.
Note that Nessus has not attempted to exploit these issues, but has instead relied only on the self-reported version number.
SolutionUpgrade to LibreOffice version 3.5.7 / 3.6.1 or later.