Your submission was sent successfully! Close

CVE-2015-4551

Published: 3 November 2015

LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.

Priority

Medium

Status

Package Release Status
libreoffice
Launchpad, Ubuntu, Debian
precise
Released (1:3.5.7-0ubuntu9)
trusty Does not exist
(trusty was released [1:4.2.8-0ubuntu3])
upstream Needs triage

vivid
Released (1:4.4.6~rc3-0ubuntu1)
wily Not vulnerable
(1:5.0.2-0ubuntu1)