Detections
Analytics

Scientific Linux Security Update : libreoffice on SL6.x i386/x86_64 (20151214)

medium Nessus Plugin ID 87400

Language:

Synopsis

The remote Scientific Linux host is missing one or more security updates.

Description

It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. (CVE-2015-4551)

An integer underflow flaw leading to a heap-based buffer overflow when parsing PrinterSetup data was discovered. By tricking a user into opening a specially crafted document, an attacker could possibly exploit this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2015-5212)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word .doc files. By tricking a user into opening a specially crafted Microsoft Word .doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2015-5213)

It was discovered that LibreOffice did not properly sanity check bookmark indexes. By tricking a user into opening a specially crafted document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file.
(CVE-2015-5214)

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?a4c9833f

Plugin Details

Severity: Medium

ID: 87400

File Name: sl_20151214_libreoffice_on_SL6_x.nasl

Version: 2.4

Type: local

Agent: unix

Published: 12/16/2015

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fermilab:scientific_linux:autocorr-hr, p-cpe:/a:fermilab:scientific_linux:autocorr-hu, p-cpe:/a:fermilab:scientific_linux:autocorr-is, p-cpe:/a:fermilab:scientific_linux:autocorr-it, p-cpe:/a:fermilab:scientific_linux:autocorr-ja, p-cpe:/a:fermilab:scientific_linux:autocorr-ko, p-cpe:/a:fermilab:scientific_linux:autocorr-lb, p-cpe:/a:fermilab:scientific_linux:autocorr-lt, p-cpe:/a:fermilab:scientific_linux:autocorr-mn, p-cpe:/a:fermilab:scientific_linux:autocorr-nl, p-cpe:/a:fermilab:scientific_linux:autocorr-pl, p-cpe:/a:fermilab:scientific_linux:autocorr-pt, p-cpe:/a:fermilab:scientific_linux:autocorr-ro, p-cpe:/a:fermilab:scientific_linux:autocorr-ru, p-cpe:/a:fermilab:scientific_linux:autocorr-sk, p-cpe:/a:fermilab:scientific_linux:autocorr-sl, p-cpe:/a:fermilab:scientific_linux:autocorr-sr, p-cpe:/a:fermilab:scientific_linux:autocorr-sv, p-cpe:/a:fermilab:scientific_linux:autocorr-af, p-cpe:/a:fermilab:scientific_linux:autocorr-bg, p-cpe:/a:fermilab:scientific_linux:autocorr-ca, p-cpe:/a:fermilab:scientific_linux:autocorr-cs, p-cpe:/a:fermilab:scientific_linux:autocorr-da, p-cpe:/a:fermilab:scientific_linux:autocorr-de, p-cpe:/a:fermilab:scientific_linux:autocorr-en, p-cpe:/a:fermilab:scientific_linux:autocorr-es, p-cpe:/a:fermilab:scientific_linux:autocorr-fa, p-cpe:/a:fermilab:scientific_linux:autocorr-fi, p-cpe:/a:fermilab:scientific_linux:autocorr-fr, p-cpe:/a:fermilab:scientific_linux:autocorr-ga, p-cpe:/a:fermilab:scientific_linux:libreoffice-core, p-cpe:/a:fermilab:scientific_linux:libreoffice-debuginfo, p-cpe:/a:fermilab:scientific_linux:libreoffice-draw, p-cpe:/a:fermilab:scientific_linux:libreoffice-emailmerge, p-cpe:/a:fermilab:scientific_linux:libreoffice-filters, p-cpe:/a:fermilab:scientific_linux:libreoffice-gdb-debug-support, p-cpe:/a:fermilab:scientific_linux:libreoffice-glade, p-cpe:/a:fermilab:scientific_linux:libreoffice-graphicfilter, p-cpe:/a:fermilab:scientific_linux:libreoffice-headless, p-cpe:/a:fermilab:scientific_linux:libreoffice-impress, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-af, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ar, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-as, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-bg, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-bn, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ca, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-cs, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-cy, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-da, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-de, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-dz, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-el, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-en, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-es, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-et, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-eu, p-cpe:/a:fermilab:scientific_linux:autocorr-tr, p-cpe:/a:fermilab:scientific_linux:autocorr-vi, p-cpe:/a:fermilab:scientific_linux:autocorr-zh, p-cpe:/a:fermilab:scientific_linux:libreoffice, p-cpe:/a:fermilab:scientific_linux:libreoffice-base, p-cpe:/a:fermilab:scientific_linux:libreoffice-bsh, p-cpe:/a:fermilab:scientific_linux:libreoffice-calc, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-fi, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-fr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ga, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-gl, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-gu, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-he, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-hi, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-hr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-hu, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-it, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ja, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-kn, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ko, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-lt, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-mai, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ml, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-mr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ms, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-nb, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-nl, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-nn, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-nr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-nso, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-or, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-pa, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-pl, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-pt-br, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-pt-pt, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ro, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ru, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-sk, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-sl, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-sr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ss, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-st, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-sv, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ta, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-te, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-th, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-tn, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-tr, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ts, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-uk, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ur, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-ve, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-xh, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-zh-hans, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-zh-hant, p-cpe:/a:fermilab:scientific_linux:libreoffice-langpack-zu, p-cpe:/a:fermilab:scientific_linux:libreoffice-librelogo, p-cpe:/a:fermilab:scientific_linux:libreoffice-math, p-cpe:/a:fermilab:scientific_linux:libreoffice-nlpsolver, p-cpe:/a:fermilab:scientific_linux:libreoffice-ogltrans, p-cpe:/a:fermilab:scientific_linux:libreoffice-opensymbol-fonts, p-cpe:/a:fermilab:scientific_linux:libreoffice-pdfimport, p-cpe:/a:fermilab:scientific_linux:libreoffice-pyuno, p-cpe:/a:fermilab:scientific_linux:libreoffice-rhino, p-cpe:/a:fermilab:scientific_linux:libreoffice-sdk, p-cpe:/a:fermilab:scientific_linux:libreoffice-sdk-doc, p-cpe:/a:fermilab:scientific_linux:libreoffice-ure, p-cpe:/a:fermilab:scientific_linux:libreoffice-wiki-publisher, p-cpe:/a:fermilab:scientific_linux:libreoffice-writer, p-cpe:/a:fermilab:scientific_linux:libreoffice-xsltfilter, x-cpe:/o:fermilab:scientific_linux

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 12/14/2015

Vulnerability Publication Date: 11/10/2015

Reference Information

CVE: CVE-2015-4551, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214