CVE-2017-7870
Title: CVE-2017-7870 Heap-buffer-overflow in WMF polygon processing
Announced: April 21, 2017
Fixed in: LibreOffice 5.2.5/5.3.0
Description:
Windows Metafiles (WMF) can contain polygons which under certain circumstances when processed (split) can result in output polygons which have too many points to be represented by LibreOffice's internal polygon class.
Prior to versions 5.2.5/5.3.0 this failure was undetected and a heap buffer overflow could occur as the attempt to split the polygon was assumed to succeed.
All users are recommended to upgrade to LibreOffice >= 5.2.5 or >= 5.3.0.
References:
CVE-2017-7870
關注我們