Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Ubuntu 16.10, 16.04, 14.04 LTS Advisory: EMF Crash In LibreOffice

ubuntu
Calendar Grey May 2, 2017
Dist Ubuntu Esm H88
Ubuntu versions 16.10, 16.04, and 14.04 LTS contain flaws in LibreOffice that might lead to system crashes or enable remote code execution.
LibreOffice could be made to crash or run programs as your login if it opened a specially crafted EMF file.

Summary

LibreOffice could be made to crash or run programs as your login if it

opened a specially crafted EMF file.

Software Description:

- libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice incorrectly handled EMF image files.

If a user were tricked into opening a specially crafted EMF image file, a

remote attacker could cause LibreOffice to crash, and possibly execute

arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  libreoffice-core                1:5.2.2-0ubuntu2.1

Ubuntu 16.04 LTS:
  libreoffice-core                1:5.1.6~rc2-0ubuntu1~xenial2

Ubuntu 14.04 LTS:
  libreoffice-core                1:4.2.8-0ubuntu5.1

After a standard system update you need to restart LibreOffice to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-3273-1

CVE-2016-10327, CVE-2017-7870

Severity
important
Lowest
Low
Medium
High
Critical

May 02, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.