Vulnerabilities > CVE-2017-8358 - Out-of-bounds Write vulnerability in Libreoffice

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
libreoffice
CWE-787
critical
nessus

Summary

LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.

Vulnerable Configurations

Part Description Count
Application
Libreoffice
276

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2315-1.NASL
    descriptionLibreOffice was updated to version 5.3.5.2, bringing new features and enhancements: Writer : - New
    last seen2020-06-01
    modified2020-06-02
    plugin id102911
    published2017-09-01
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102911
    titleSUSE SLED12 Security Update : libreoffice (SUSE-SU-2017:2315-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-807.NASL
    descriptionLibreOffice was updated to version 5.3.3.2, bringing new features and enhancements : Writer : - New
    last seen2020-06-05
    modified2017-07-13
    plugin id101517
    published2017-07-13
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101517
    titleopenSUSE Security Update : libreoffice (openSUSE-2017-807)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-1821-1.NASL
    descriptionLibreOffice was updated to version 5.3.3.2, bringing new features and enhancements: Writer : - New
    last seen2020-06-01
    modified2020-06-02
    plugin id101353
    published2017-07-10
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101353
    titleSUSE SLED12 Security Update : libreoffice (SUSE-SU-2017:1821-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-1048.NASL
    descriptionLibreOffice was updated to version 5.3.5.2, bringing new features and enhancements : Writer : - New
    last seen2020-06-05
    modified2017-09-18
    plugin id103284
    published2017-09-18
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/103284
    titleopenSUSE Security Update : libreoffice (openSUSE-2017-1048)