| Revision Date: | 2018-08-05 | Version: | 1 | | Title: | CVE-2018-14939 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2018-14939
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT fonts-opensymbol package in xenial, while related to the CVE in some way, is not affected.
OR NOT gir1.2-lokdocview-0.1 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-avmedia-backend-gstreamer package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-base package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-base-core package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-base-drivers package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-calc package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-common package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-core package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-draw package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-gnome package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-gtk package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-gtk3 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-impress package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-java-common package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-kde package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-l10n-in package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-l10n-za package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-librelogo package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-math package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-mysql-connector package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-officebean package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-ogltrans package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-pdfimport package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-report-builder package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-report-builder-bin package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-script-provider-bsh package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-script-provider-js package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-script-provider-python package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-sdbc-firebird package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-sdbc-hsqldb package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-sdbc-postgresql package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-breeze package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-elementary package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-galaxy package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-hicontrast package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-human package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-oxygen package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-sifr package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-style-tango package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-subsequentcheckbase package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-wiki-publisher package in xenial, while related to the CVE in some way, is not affected.
OR NOT libreoffice-writer package in xenial, while related to the CVE in some way, is not affected.
OR NOT python3-uno package in xenial, while related to the CVE in some way, is not affected.
OR NOT uno-libs3 package in xenial, while related to the CVE in some way, is not affected.
OR NOT ure package in xenial, while related to the CVE in some way, is not affected.
|
|