CVE-2015-4551

Publication date 3 November 2015

Last updated 24 July 2024


Ubuntu priority

LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.

Status

Package Ubuntu Release Status
libreoffice 15.10 wily
Not affected
15.04 vivid
Fixed 1:4.4.6~rc3-0ubuntu1
14.04 LTS trusty
Fixed 1:4.2.8-0ubuntu3
12.04 LTS precise
Fixed 1:3.5.7-0ubuntu9

References

Related Ubuntu Security Notices (USN)

    • USN-2793-1
    • LibreOffice vulnerabilities
    • 5 November 2015

Other references