Your submission was sent successfully! Close

CVE-2015-5214

Published: 3 November 2015

LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.

Priority

Medium

Status

Package Release Status
libreoffice
Launchpad, Ubuntu, Debian
precise
Released (1:3.5.7-0ubuntu9)
trusty Does not exist
(trusty was released [1:4.2.8-0ubuntu3])
upstream Needs triage

vivid
Released (1:4.4.6~rc3-0ubuntu1)
wily Not vulnerable
(1:5.0.2-0ubuntu1)
Patches:
upstream: https://gerrit.libreoffice.org/#/c/17695/