CVE-2016-0795
Title: CVE-2016-0795 LotusWordPro Bounds overflows in LwpTocSuperLayout processing
Announced: February 17, 2016
Fixed in: LibreOffice 5.0.5/5.1.0
Description:
Parsing the LwpTocSuperLayout record was insufficiently checked for validity. Documents can be constructed which cause memory corruption by overflowing the LwpTocSuperLayout buffer..
All users are recommended to upgrade to LibreOffice >= 5.0.5 or >= 5.1.0
Thanks to the researchers working with VeriSign iDefense Labs for discovering this flaw.
References:
CVE-2016-0795
Sledujte nás