CVE-2013-4156
Published: 31 July 2013
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
Notes
| Author | Note |
|---|---|
| jdstrand | application termination |
| mdeslaur | precise is fixed in Correct-the-XML-document-handler.diff |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libreoffice Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
| precise |
Released
(1:3.5.7-0ubuntu6)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Not vulnerable
(1:4.1.2~rc3-0ubuntu1)
|
|
| trusty |
Does not exist
(trusty was not-affected [1:4.2.3~rc3-0ubuntu2])
|
|
| upstream |
Released
(4.0.4)
|
|
| utopic |
Not vulnerable
(1:4.2.3~rc3-0ubuntu2)
|
|
|
Patches: upstream: http://cgit.freedesktop.org/libreoffice/core/commit/writerfilter/source/ooxml/OOXMLDocumentImpl.cxx?id=d94bda0c1fd3c618b98a63f76d71e129ad06d942 |
||
|
openoffice.org Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
| precise |
Not vulnerable
(transitional packages)
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| saucy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| utopic |
Does not exist
|
|