Home Unlabelled USN-2331-1: LibreOffice vulnerability

USN-2331-1: LibreOffice vulnerability

By
Tuesday, September 02, 2014
Read
Add Comment

Ubuntu Security Notice USN-2331-1


2nd September, 2014


libreoffice vulnerability


A security issue affects these releases of Ubuntu and its derivatives:



  • Ubuntu 14.04 LTS


Summary


LibreOffice Calc could be made to crash or run programs as your login if it opened a specially crafted file.


Software description



  • libreoffice - Office productivity suite


Details


Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed

for command injection when opening spreadsheets. If a user were tricked

into opening a crafted Calc spreadsheet, an attacker could exploit this to

run programs as your login.


Update instructions


The problem can be corrected by updating your system to the following package version:



Ubuntu 14.04 LTS:

libreoffice-core 1:4.2.6.3-0ubuntu1


To update your system, please follow these instructions: http://bit.ly/1aJDvTw.


After a standard system update you need to restart LibreOffice to make

all the necessary changes.


References


CVE-2014-3524






from Ubuntu Security Notices http://bit.ly/1pm4TMT
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us