Ubuntu 11.10, 11.04 USN-1495-1 Moderate: LibreOffice Code Execution
Jul 03, 2012
•
LinuxSecurity Advisories
1 - 2 min read
Topics Covered
LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file.
=========================================================================Ubuntu Security Notice USN-1495-1 July 02, 2012 libreoffice, libreoffice-l10n vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file. Software Description: - libreoffice: Office productivity suite - libreoffice-l10n: Office productivity suite help Details: Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-1149) Sven Jacobi discovered an integer overflow when processing Escher graphics records. If a user were tricked into opening a specially crafted PowerPoint file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-2334) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libreoffice-core 1:3.4.4-0ubuntu1.2 libreoffice-l10n-common 1:3.4.4-0ubuntu1.2 Ubuntu 11.04: libreoffice-core 1:3.3.4-0ubuntu1.2 libreoffice-l10n-common 1:3.3.3-1ubuntu1.2 After a standard system update you need to restart LibreOffice to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1495-1 CVE-2012-1149, CVE-2012-2334 Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice/1:3.3.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.3.3-1ubuntu1.2
PREVIOUS
NEXT
Ubuntu 11.10, 11.04 USN-1495-1 Moderate: LibreOffice Code Execution
ubuntu
July 3, 2012
LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file.
Summary
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libreoffice-core 1:3.4.4-0ubuntu1.2 libreoffice-l10n-common 1:3.4.4-0ubuntu1.2 Ubuntu 11.04: libreoffice-core 1:3.3.4-0ubuntu1.2 libreoffice-l10n-common 1:3.3.3-1ubuntu1.2 After a standard system update you need to restart LibreOffice to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-1495-1
CVE-2012-1149, CVE-2012-2334
Severity
important
Lowest
Low
Medium
High
Critical
July 02, 2012
Topics Covered
Package Information
https://launchpad.net/ubuntu/+source/libreoffice/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice/1:3.3.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.3.3-1ubuntu1.2
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!