Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Ubuntu 12.04 LTS: USN-2400-1 Critical: LibreOffice OLE Handling Problem

ubuntu
Calendar Grey November 10, 2014
Scroller Ubuntu Esm H88
Enhancement to tackle LibreOffice security flaw by integrating confidential data within files. Learn additional details here!
LibreOffice could be made to embed sensitive information into documents.

Summary

LibreOffice could be made to embed sensitive information into documents.

Software Description:

- libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice incorrectly handled OLE preview

generation. If a user were tricked into opening a crafted document, an

attacker could possibly exploit this to embed arbitrary data into

documents.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  libreoffice-core                1:3.5.7-0ubuntu7

After a standard system update you need to restart LibreOffice to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-2400-1

CVE-2014-3575

Severity
critical
Lowest
Low
Medium
High
Critical

November 10, 2014

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.