CVE Vulnerabilities

CVE-2015-5212

Integer Underflow (Wrap or Wraparound)

Published: Nov 10, 2015 | Modified: Feb 07, 2022
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
5.8 MODERATE
AV:N/AC:M/Au:N/C:N/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting Load printer settings with the document is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.

Weakness

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Affected Software

Name Vendor Start Version End Version
Libreoffice Libreoffice * 4.4.4 (including)
Libreoffice Ubuntu precise *
Libreoffice Ubuntu trusty *
Libreoffice Ubuntu vivid *
Red Hat Enterprise Linux 6 RedHat libreoffice-1:4.2.8.2-11.el6_7.1 *
Red Hat Enterprise Linux 7 RedHat libreoffice-1:4.3.7.2-5.el7_2.1 *

References