LibreOffice vulnerable to multiple buffer overflows
Three weeks after releasing LibreOffice 3.5.5, The Document Foundation has confirmed that security holes in earlier versions of the open source LibreOffice productivity suite can be exploited by attackers to compromise a victim's system. According to the project's security advisory, these include multiple heap-based buffer overflow vulnerabilities in the XML manifest encryption tag parsing code.
Successful exploitation of the vulnerabilities could lead to the execution of arbitrary code on a system with the privileges of a local user. For an attack to be successful, a victim must first open a specially crafted Open Document Format (ODF) file. Versions up to and including LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these problems. All users are advised to upgrade.
The developers note that the 3.6.0 release of LibreOffice also closes these holes. However, at the time of writing, this version has yet to be released only the fourth release candidate is available.
- Multiple heap-based buffer overflows in the XML manifest encryption handling code, security advisory from LibreOffice.