CVE-2015-1774

Name of the Vulnerable Software and Affected Versions LibreOffice versions prior to 4.3.7 LibreOffice versions 4.4.x prior to 4.4.2 Apache OpenOffice versions prior to 4.1.2

Description The issue is related to the HWP filter in the affected software, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted HWP document. This is due to an out-of-bounds write triggered by the crafted document. Exploitation of the issue may allow an attacker to gain unauthorized access to confidential data, cause a denial of service, or impact data integrity through a specially crafted HWP file.

Recommendations For LibreOffice versions prior to 4.3.7, update to version 4.3.7 or later. For LibreOffice versions 4.4.x prior to 4.4.2, update to version 4.4.2 or later. For Apache OpenOffice versions prior to 4.1.2, update to version 4.1.2 or later.