CVE-2013-4156
Title: CVE-2013-4156: Microsoft .docm Denial Of Service
Announced: July 26 2013
Fixed in: LibreOffice 3.6.7/4.0.4
Description:
A denial of service flaw was found in the .docm import filter of LibreOffice. An attacker cound create a specially-crafted file in the .docm file format which when loaded would immediately terminate the application through a NULL dereference.
Thanks to Jeremy Brown of Microsoft Vulnerability Research for reporting this flaw. Users are recommended to upgrade to 3.6.7, 4.0.4 or 4.1.0 to avoid this flaw.
References:
關注我們