CVE-2013-4156
Published: 31 July 2013
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
Notes
Author | Note |
---|---|
jdstrand | application termination |
mdeslaur | precise is fixed in Correct-the-XML-document-handler.diff |
Priority
Status
Package | Release | Status |
---|---|---|
libreoffice Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(1:3.5.7-0ubuntu6)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Not vulnerable
(1:4.1.2~rc3-0ubuntu1)
|
|
trusty |
Does not exist
(trusty was not-affected [1:4.2.3~rc3-0ubuntu2])
|
|
upstream |
Released
(4.0.4)
|
|
utopic |
Not vulnerable
(1:4.2.3~rc3-0ubuntu2)
|
|
Patches: upstream: http://cgit.freedesktop.org/libreoffice/core/commit/writerfilter/source/ooxml/OOXMLDocumentImpl.cxx?id=d94bda0c1fd3c618b98a63f76d71e129ad06d942 |
||
openoffice.org Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Not vulnerable
(transitional packages)
|
|
quantal |
Does not exist
|
|
raring |
Does not exist
|
|
saucy |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|