CVE-2015-5212

Description

Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.

How to fix CVE-2015-5212

To remediate CVE-2015-5212, upgrade the affected package to a fixed version below.

• Debian/libreoffice—upgrade to 1:5.0.1~rc1-1 or later

Is CVE-2015-5212 being exploited?

Moderate — EPSS is 43.0%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 1:5.0.1~rc1-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2015-5212