Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2018-10119: Moderate: libreoffice security and bug fix update (RHSA-2018:3054)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Red Hat: CVE-2018-10119: Moderate: libreoffice security and bug fix update (RHSA-2018:3054)

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
04/16/2018
Created
03/19/2019
Added
10/31/2018
Modified
03/03/2021

Description

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

Solution(s)

  • redhat-upgrade-autocorr-af
  • redhat-upgrade-autocorr-bg
  • redhat-upgrade-autocorr-ca
  • redhat-upgrade-autocorr-cs
  • redhat-upgrade-autocorr-da
  • redhat-upgrade-autocorr-de
  • redhat-upgrade-autocorr-en
  • redhat-upgrade-autocorr-es
  • redhat-upgrade-autocorr-fa
  • redhat-upgrade-autocorr-fi
  • redhat-upgrade-autocorr-fr
  • redhat-upgrade-autocorr-ga
  • redhat-upgrade-autocorr-hr
  • redhat-upgrade-autocorr-hu
  • redhat-upgrade-autocorr-is
  • redhat-upgrade-autocorr-it
  • redhat-upgrade-autocorr-ja
  • redhat-upgrade-autocorr-ko
  • redhat-upgrade-autocorr-lb
  • redhat-upgrade-autocorr-lt
  • redhat-upgrade-autocorr-mn
  • redhat-upgrade-autocorr-nl
  • redhat-upgrade-autocorr-pl
  • redhat-upgrade-autocorr-pt
  • redhat-upgrade-autocorr-ro
  • redhat-upgrade-autocorr-ru
  • redhat-upgrade-autocorr-sk
  • redhat-upgrade-autocorr-sl
  • redhat-upgrade-autocorr-sr
  • redhat-upgrade-autocorr-sv
  • redhat-upgrade-autocorr-tr
  • redhat-upgrade-autocorr-vi
  • redhat-upgrade-autocorr-zh
  • redhat-upgrade-libreoffice
  • redhat-upgrade-libreoffice-base
  • redhat-upgrade-libreoffice-bsh
  • redhat-upgrade-libreoffice-calc
  • redhat-upgrade-libreoffice-core
  • redhat-upgrade-libreoffice-data
  • redhat-upgrade-libreoffice-debuginfo
  • redhat-upgrade-libreoffice-draw
  • redhat-upgrade-libreoffice-emailmerge
  • redhat-upgrade-libreoffice-filters
  • redhat-upgrade-libreoffice-gdb-debug-support
  • redhat-upgrade-libreoffice-glade
  • redhat-upgrade-libreoffice-graphicfilter
  • redhat-upgrade-libreoffice-gtk2
  • redhat-upgrade-libreoffice-gtk3
  • redhat-upgrade-libreoffice-help-ar
  • redhat-upgrade-libreoffice-help-bg
  • redhat-upgrade-libreoffice-help-bn
  • redhat-upgrade-libreoffice-help-ca
  • redhat-upgrade-libreoffice-help-cs
  • redhat-upgrade-libreoffice-help-da
  • redhat-upgrade-libreoffice-help-de
  • redhat-upgrade-libreoffice-help-dz
  • redhat-upgrade-libreoffice-help-el
  • redhat-upgrade-libreoffice-help-es
  • redhat-upgrade-libreoffice-help-et
  • redhat-upgrade-libreoffice-help-eu
  • redhat-upgrade-libreoffice-help-fi
  • redhat-upgrade-libreoffice-help-fr
  • redhat-upgrade-libreoffice-help-gl
  • redhat-upgrade-libreoffice-help-gu
  • redhat-upgrade-libreoffice-help-he
  • redhat-upgrade-libreoffice-help-hi
  • redhat-upgrade-libreoffice-help-hr
  • redhat-upgrade-libreoffice-help-hu
  • redhat-upgrade-libreoffice-help-id
  • redhat-upgrade-libreoffice-help-it
  • redhat-upgrade-libreoffice-help-ja
  • redhat-upgrade-libreoffice-help-ko
  • redhat-upgrade-libreoffice-help-lt
  • redhat-upgrade-libreoffice-help-lv
  • redhat-upgrade-libreoffice-help-nb
  • redhat-upgrade-libreoffice-help-nl
  • redhat-upgrade-libreoffice-help-nn
  • redhat-upgrade-libreoffice-help-pl
  • redhat-upgrade-libreoffice-help-pt-br
  • redhat-upgrade-libreoffice-help-pt-pt
  • redhat-upgrade-libreoffice-help-ro
  • redhat-upgrade-libreoffice-help-ru
  • redhat-upgrade-libreoffice-help-si
  • redhat-upgrade-libreoffice-help-sk
  • redhat-upgrade-libreoffice-help-sl
  • redhat-upgrade-libreoffice-help-sv
  • redhat-upgrade-libreoffice-help-ta
  • redhat-upgrade-libreoffice-help-tr
  • redhat-upgrade-libreoffice-help-uk
  • redhat-upgrade-libreoffice-help-zh-hans
  • redhat-upgrade-libreoffice-help-zh-hant
  • redhat-upgrade-libreoffice-impress
  • redhat-upgrade-libreoffice-langpack-af
  • redhat-upgrade-libreoffice-langpack-ar
  • redhat-upgrade-libreoffice-langpack-as
  • redhat-upgrade-libreoffice-langpack-bg
  • redhat-upgrade-libreoffice-langpack-bn
  • redhat-upgrade-libreoffice-langpack-br
  • redhat-upgrade-libreoffice-langpack-ca
  • redhat-upgrade-libreoffice-langpack-cs
  • redhat-upgrade-libreoffice-langpack-cy
  • redhat-upgrade-libreoffice-langpack-da
  • redhat-upgrade-libreoffice-langpack-de
  • redhat-upgrade-libreoffice-langpack-dz
  • redhat-upgrade-libreoffice-langpack-el
  • redhat-upgrade-libreoffice-langpack-en
  • redhat-upgrade-libreoffice-langpack-es
  • redhat-upgrade-libreoffice-langpack-et
  • redhat-upgrade-libreoffice-langpack-eu
  • redhat-upgrade-libreoffice-langpack-fa
  • redhat-upgrade-libreoffice-langpack-fi
  • redhat-upgrade-libreoffice-langpack-fr
  • redhat-upgrade-libreoffice-langpack-ga
  • redhat-upgrade-libreoffice-langpack-gl
  • redhat-upgrade-libreoffice-langpack-gu
  • redhat-upgrade-libreoffice-langpack-he
  • redhat-upgrade-libreoffice-langpack-hi
  • redhat-upgrade-libreoffice-langpack-hr
  • redhat-upgrade-libreoffice-langpack-hu
  • redhat-upgrade-libreoffice-langpack-id
  • redhat-upgrade-libreoffice-langpack-it
  • redhat-upgrade-libreoffice-langpack-ja
  • redhat-upgrade-libreoffice-langpack-kk
  • redhat-upgrade-libreoffice-langpack-kn
  • redhat-upgrade-libreoffice-langpack-ko
  • redhat-upgrade-libreoffice-langpack-lt
  • redhat-upgrade-libreoffice-langpack-lv
  • redhat-upgrade-libreoffice-langpack-mai
  • redhat-upgrade-libreoffice-langpack-ml
  • redhat-upgrade-libreoffice-langpack-mr
  • redhat-upgrade-libreoffice-langpack-nb
  • redhat-upgrade-libreoffice-langpack-nl
  • redhat-upgrade-libreoffice-langpack-nn
  • redhat-upgrade-libreoffice-langpack-nr
  • redhat-upgrade-libreoffice-langpack-nso
  • redhat-upgrade-libreoffice-langpack-or
  • redhat-upgrade-libreoffice-langpack-pa
  • redhat-upgrade-libreoffice-langpack-pl
  • redhat-upgrade-libreoffice-langpack-pt-br
  • redhat-upgrade-libreoffice-langpack-pt-pt
  • redhat-upgrade-libreoffice-langpack-ro
  • redhat-upgrade-libreoffice-langpack-ru
  • redhat-upgrade-libreoffice-langpack-si
  • redhat-upgrade-libreoffice-langpack-sk
  • redhat-upgrade-libreoffice-langpack-sl
  • redhat-upgrade-libreoffice-langpack-sr
  • redhat-upgrade-libreoffice-langpack-ss
  • redhat-upgrade-libreoffice-langpack-st
  • redhat-upgrade-libreoffice-langpack-sv
  • redhat-upgrade-libreoffice-langpack-ta
  • redhat-upgrade-libreoffice-langpack-te
  • redhat-upgrade-libreoffice-langpack-th
  • redhat-upgrade-libreoffice-langpack-tn
  • redhat-upgrade-libreoffice-langpack-tr
  • redhat-upgrade-libreoffice-langpack-ts
  • redhat-upgrade-libreoffice-langpack-uk
  • redhat-upgrade-libreoffice-langpack-ve
  • redhat-upgrade-libreoffice-langpack-xh
  • redhat-upgrade-libreoffice-langpack-zh-hans
  • redhat-upgrade-libreoffice-langpack-zh-hant
  • redhat-upgrade-libreoffice-langpack-zu
  • redhat-upgrade-libreoffice-librelogo
  • redhat-upgrade-libreoffice-math
  • redhat-upgrade-libreoffice-nlpsolver
  • redhat-upgrade-libreoffice-officebean
  • redhat-upgrade-libreoffice-officebean-common
  • redhat-upgrade-libreoffice-ogltrans
  • redhat-upgrade-libreoffice-opensymbol-fonts
  • redhat-upgrade-libreoffice-pdfimport
  • redhat-upgrade-libreoffice-postgresql
  • redhat-upgrade-libreoffice-pyuno
  • redhat-upgrade-libreoffice-rhino
  • redhat-upgrade-libreoffice-sdk
  • redhat-upgrade-libreoffice-sdk-doc
  • redhat-upgrade-libreoffice-ure
  • redhat-upgrade-libreoffice-ure-common
  • redhat-upgrade-libreoffice-wiki-publisher
  • redhat-upgrade-libreoffice-writer
  • redhat-upgrade-libreoffice-x11
  • redhat-upgrade-libreoffice-xsltfilter
  • redhat-upgrade-libreofficekit
  • redhat-upgrade-libreofficekit-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;