{"id":"MGASA-2015-0441","summary":"Updated libreoffice packages fix security vulnerability","details":"Federico Scrinzi discovered that LibreOffice incorrectly handled documents\ninserted into Writer or Calc via links. If a user were tricked into\nopening a specially crafted document, a remote attacker could possibly\nobtain the contents of arbitrary files (CVE-2015-4551).\n\nIt was discovered that LibreOffice incorrectly handled PrinterSetup data\nstored in ODF files. If a user were tricked into opening a specially\ncrafted ODF document, a remote attacker could cause LibreOffice to crash,\nand possibly execute arbitrary code.(CVE-2015-5212).\n\nIt was discovered that LibreOffice incorrectly handled the number of\npieces in DOC files. If a user were tricked into opening a specially\ncrafted DOC document, a remote attacker could cause LibreOffice to crash,\nand possibly execute arbitrary code (CVE-2015-5213).\n\nIt was discovered that LibreOffice incorrectly handled bookmarks in DOC\nfiles. If a user were tricked into opening a specially crafted DOC\ndocument, a remote attacker could cause LibreOffice to crash, and possibly\nexecute arbitrary code (CVE-2015-5214).\n\nLibreOffice has been updated to version 4.4.6, which fixes these issues as\nwell as several other bugs.\n","modified":"2026-04-16T01:47:46.457865387Z","published":"2015-11-10T21:26:39Z","upstream":["CVE-2015-4551","CVE-2015-5212","CVE-2015-5213","CVE-2015-5214"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0441.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17097"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-4-release-4.4.4.1.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-4-release-4.4.4.2.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-4-release-4.4.4.3.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-5-release-4.4.5.1.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-5-release-4.4.5.2.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-6-release-4.4.6.1.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-6-release-4.4.6.2.log"},{"type":"REPORT","url":"http://download.documentfoundation.org/libreoffice/src/bugs-changelog-libreoffice-4-4-6-release-4.4.6.3.log"},{"type":"WEB","url":"http://www.ubuntu.com/usn/usn-2793-1/"}],"affected":[{"package":{"name":"libreoffice","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libreoffice?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.6.3-2.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0441.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}