Alerts This Week
Warning Icon 1 684
Alerts This Week
Warning Icon 1 684

Ubuntu 16.10, 16.04, 14.04 LTS Advisory: EMF Crash In LibreOffice

Calendar May 02, 2017 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory remote exploit code execution Ubuntu crash LibreOffice EMF file
LibreOffice could be made to crash or run programs as your login if it opened a specially crafted EMF file. 
=========================================================================Ubuntu Security Notice USN-3273-1
May 02, 2017

libreoffice vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

LibreOffice could be made to crash or run programs as your login if it
opened a specially crafted EMF file.

Software Description:
- libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice incorrectly handled EMF image files.
If a user were tricked into opening a specially crafted EMF image file, a
remote attacker could cause LibreOffice to crash, and possibly execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  libreoffice-core                1:5.2.2-0ubuntu2.1

Ubuntu 16.04 LTS:
  libreoffice-core                1:5.1.6~rc2-0ubuntu1~xenial2

Ubuntu 14.04 LTS:
  libreoffice-core                1:4.2.8-0ubuntu5.1

After a standard system update you need to restart LibreOffice to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3273-1
  CVE-2016-10327, CVE-2017-7870

Package Information:
  https://launchpad.net/ubuntu/+source/libreoffice/1:5.2.2-0ubuntu2.1
  https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial2
  https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5.1

Ubuntu 16.10, 16.04, 14.04 LTS Advisory: EMF Crash In LibreOffice

ubuntu
Calendar Grey May 2, 2017
Dist Ubuntu Esm H88
Ubuntu versions 16.10, 16.04, and 14.04 LTS contain flaws in LibreOffice that might lead to system crashes or enable remote code execution.
LibreOffice could be made to crash or run programs as your login if it opened a specially crafted EMF file.

Summary

Topics%20covered

Topics Covered

security advisory remote exploit code execution Ubuntu crash LibreOffice EMF file

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: libreoffice-core 1:5.2.2-0ubuntu2.1 Ubuntu 16.04 LTS: libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial2 Ubuntu 14.04 LTS: libreoffice-core 1:4.2.8-0ubuntu5.1 After a standard system update you need to restart LibreOffice to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3273-1

CVE-2016-10327, CVE-2017-7870

Severity
important
Lowest
Low
Medium
High
Critical

May 02, 2017

Topics%20covered

Topics Covered

security advisory remote exploit code execution Ubuntu crash LibreOffice EMF file

Package Information

https://launchpad.net/ubuntu/+source/libreoffice/1:5.2.2-0ubuntu2.1 https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial2 https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here