| |
| <!DOCTYPE html> |
| <html> |
| <head> |
| <title>CVE-2015-5213</title> |
| <style type="text/css"></style> |
| </head> |
| |
| <body> |
| <!-- These were previously defined as XHTML pages. The current |
| wrapping for the site introduces HTML5 headers and formats. |
| This version is modified to match the wrapping that is done as part |
| of publishing this page and not rely on any particular styling |
| beyond <p>. |
| --> |
| <p> |
| <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5213">CVE-2015-5213</a> |
| </p> |
| <p> |
| <a href="https://www.openoffice.org/security/cves/CVE-2015-5213.html">Apache OpenOffice Advisory</a> |
| </p> |
| |
| <p style="text-align:center; font-size:largest"><strong>CVE-2015-5213: |
| .DOC DOCUMENT VULNERABILITY</strong></p> |
| |
| <p style="text-align:center; font-size:larger"><strong>Fixed in Apache OpenOffice 4.1.2</strong></p> |
| |
| <p><strong>Title: Memory Corruption Vulnerability (DOC |
| Piecetable)</strong></p> |
| <p> |
| <strong>Version 1.0</strong> |
| <br /> |
| Announced November 4, 2015</p> |
| |
| <p> |
| A crafted Microsoft Word DOC file can be used to specify a |
| document buffer that is too small for the amount of data |
| provided for it. Failure to detect the discrepancy allows |
| an attacker to cause denial of service (memory corruption |
| and application crash) and possible execution of arbitrary |
| code. |
| </p> |
| |
| <p> |
| <strong>Severity: Important</strong> |
| </p> |
| <p>There are no known exploits of this vulnerabilty.<br /> |
| A proof-of-concept demonstration exists.</p> |
| <p> |
| <strong>Vendor: The Apache Software Foundation</strong> |
| </p> |
| |
| <p> |
| <strong>Versions Affected</strong></p> |
| |
| <p>All Apache OpenOffice versions 4.1.1 and older are affected.<br /> |
| OpenOffice.org versions are also affected.</p> |
| |
| <p> |
| <strong>Mitigation</strong> |
| </p> |
| <p>Apache OpenOffice users are urged to download and install |
| Apache OpenOffice version 4.1.2 or later. DOC files having |
| the defect are detected and made ineffective in 4.1.2. |
| </p> |
| |
| <p> |
| <strong>Precautions</strong> |
| </p> |
| <p> |
| Users who do not upgrade to Apache OpenOffice 4.1.2 should |
| be careful of .DOC files from unknown or unreliable sources. |
| A Microsoft Word 97-2003 DOC format file can be checked |
| by opening with software, such as Microsoft Office Word or |
| Word Online, that rejects documents having this defect as |
| corrupted.</p> |
| |
| <p> |
| <strong>Further Information</strong> |
| </p> |
| <p>For additional information and assistance, consult the |
| <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a> |
| or make requests to the |
| <a href="mailto:users@openoffice.apache.org">users@openoffice.apache.org</a> |
| public mailing list. |
| </p> |
| <p>The latest information on Apache OpenOffice security bulletins |
| can be found at the <a href="https://www.openoffice.org/security/bulletin.html">Bulletin |
| Archive page</a>.</p> |
| |
| <p><strong>Credits</strong></p> |
| <p> |
| The discoverer of this vulnerability wishes to remain anonymous. |
| </p> |
| |
| <hr /> |
| |
| <p> |
| <a href="http://security.openoffice.org">Security Home</a> |
| -> <a href="http://security.openoffice.org/security/bulletin.html">Bulletin</a> |
| -> <a href="https://www.openoffice.org/security/cves/CVE-2015-5213.html">CVE-2015-5213</a> |
| </p> |
| </body> |
| </html> |