CVE-2015-5213
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word .doc files. By tricking a user into opening a specially crafted Microsoft Word .doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file.
Find out more about CVE-2015-5213 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v2 metrics
| Base Score | 5.8 |
|---|---|
| Base Metrics | AV:N/AC:M/Au:N/C:N/I:P/A:P |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 6 (libreoffice) | RHSA-2015:2619 | 2015-12-14 |
| Red Hat Enterprise Linux 7 (libreoffice) | RHSA-2015:2619 | 2015-12-14 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 5 | openoffice.org | Will not fix |