CVE-2015-5212

Title: CVE-2015-5212 ODF Integer Underflow (PrinterSetup Length)

Announced: November  5, 2015

Fixed in: LibreOffice 4.4.5/5.0.0

Description:

The PrinterSetup data stored in ODF files can be of attacker controlled variable legnth, but is coped into a fixed length buffer without sufficient size checks.


All users are recommended to upgrade to LibreOffice >= 4.4.5 or >= 5.0.0

References:

    CVE-2015-5212

Latest Tweets

@libreoffice
@tdforg