CVE-2015-1774
libreoffice - security update
EPSS 7.4%
Description
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
How to fix CVE-2015-1774
To remediate CVE-2015-1774, upgrade the affected package to a fixed version below.
- Debian/libreoffice—upgrade to 1:4.4.2-1 or later
- Debian/libreoffice—upgrade to 1:3.5.4+dfsg2-0+deb7u4 or later
Is CVE-2015-1774 being exploited?
Moderate — EPSS is 7.4%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1:4.4.2-1
- from 0, < 1:3.5.4+dfsg2-0+deb7u4