CLD-15 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2017-14226 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) libreoffice
Deficiency Type SECURITY
Date Created 2017-09-09 08:28:37
Date Last Modified 2017-11-04 09:03:11

Version Specific Information:

Cucumber 1.0 i686 fixed in libreoffice-5.3.7.2-i686-1
Cucumber 1.0 x86_64 fixed in libreoffice-5.3.7.2-x86_64-1

Cucumber 1.1 i686 fixed in libreoffice-5.3.7.2-i686-1
Cucumber 1.1 x86_64 fixed in libreoffice-5.3.7.2-x86_64-1

Details:

WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in
libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a
denial of service (heap-based buffer over-read in the WPXTableList class in
WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7.
It may lead to suffering a remote attack against a LibreOffice application
(https://nvd.nist.gov/vuln/detail/CVE-2017-14226).

It struck me as rather odd that this labeled as affecting LibreOffice before
5.3.7 since that version hasn't been released yet (as of Sat Sep  9 08:51:28 EDT
2017 the latest 5.3 version is 5.3.6).

LibreOffice as packaged with Cucumber Linux is vulnerable to this. Since there
is a patch that fixes this vulnerability and that patch has been applied in the
Git version of LibreOffice, there will probably be a 5.3.7 release fixing this
in the near future.