LibreOffice < 4.2.8 / 4.3.5 RTF File Handling Code Execution (Mac OS X)
Medium Nessus Plugin ID 80830
SynopsisThe remote host contains an application that is affected by an invalid memory write vulnerability.
DescriptionThe version of LibreOffice installed on the remote Mac OS X host is prior to 4.2.8 or 4.3.x prior to 4.3.5. It is, therefore, affected by an invalid memory write vulnerability. An attacker, using a specially crafted Rich Text Format (RTF) file, can exploit this to cause a denial of service or possibly execute arbitrary code.
Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to LibreOffice version 4.2.8 (220.127.116.11), 4.3.5 (18.104.22.168) or later.