CVE-2016-0794
Title: CVE-2016-0794 LotusWordPro Multiple bounds overflows in lwp filter
Announced: February 17, 2016
Fixed in: LibreOffice 5.0.4/5.1.0
Description:
Multiple offsets in parsing lwp documents were insufficiently checked for validity. Documents can be constructed which cause memory corruption by overflowing various buffer bounds.
All users are recommended to upgrade to LibreOffice >= 5.0.4 or >= 5.1.0
Thanks to the researchers working with VeriSign iDefense Labs for discovering this flaw.
References:
CVE-2016-0794
Follow Us