SUSE: CVE-2018-10120: SUSE Linux Security Advisory
7
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
04/16/2018
07/25/2018
05/16/2018
02/04/2022
Description
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
Solution(s)
- suse-upgrade-libreoffice
- suse-upgrade-libreoffice-base
- suse-upgrade-libreoffice-base-drivers-mysql
- suse-upgrade-libreoffice-base-drivers-postgresql
- suse-upgrade-libreoffice-branding-upstream
- suse-upgrade-libreoffice-calc
- suse-upgrade-libreoffice-calc-extensions
- suse-upgrade-libreoffice-draw
- suse-upgrade-libreoffice-filters-optional
- suse-upgrade-libreoffice-gdb-pretty-printers
- suse-upgrade-libreoffice-glade
- suse-upgrade-libreoffice-gnome
- suse-upgrade-libreoffice-gtk2
- suse-upgrade-libreoffice-gtk3
- suse-upgrade-libreoffice-icon-themes
- suse-upgrade-libreoffice-impress
- suse-upgrade-libreoffice-kde4
- suse-upgrade-libreoffice-l10n-af
- suse-upgrade-libreoffice-l10n-am
- suse-upgrade-libreoffice-l10n-ar
- suse-upgrade-libreoffice-l10n-as
- suse-upgrade-libreoffice-l10n-ast
- suse-upgrade-libreoffice-l10n-be
- suse-upgrade-libreoffice-l10n-bg
- suse-upgrade-libreoffice-l10n-bn
- suse-upgrade-libreoffice-l10n-bn_in
- suse-upgrade-libreoffice-l10n-bo
- suse-upgrade-libreoffice-l10n-br
- suse-upgrade-libreoffice-l10n-brx
- suse-upgrade-libreoffice-l10n-bs
- suse-upgrade-libreoffice-l10n-ca
- suse-upgrade-libreoffice-l10n-ca_valencia
- suse-upgrade-libreoffice-l10n-ckb
- suse-upgrade-libreoffice-l10n-cs
- suse-upgrade-libreoffice-l10n-cy
- suse-upgrade-libreoffice-l10n-da
- suse-upgrade-libreoffice-l10n-de
- suse-upgrade-libreoffice-l10n-dgo
- suse-upgrade-libreoffice-l10n-dsb
- suse-upgrade-libreoffice-l10n-dz
- suse-upgrade-libreoffice-l10n-el
- suse-upgrade-libreoffice-l10n-en
- suse-upgrade-libreoffice-l10n-en_gb
- suse-upgrade-libreoffice-l10n-en_za
- suse-upgrade-libreoffice-l10n-eo
- suse-upgrade-libreoffice-l10n-es
- suse-upgrade-libreoffice-l10n-et
- suse-upgrade-libreoffice-l10n-eu
- suse-upgrade-libreoffice-l10n-fa
- suse-upgrade-libreoffice-l10n-fi
- suse-upgrade-libreoffice-l10n-fr
- suse-upgrade-libreoffice-l10n-fur
- suse-upgrade-libreoffice-l10n-fy
- suse-upgrade-libreoffice-l10n-ga
- suse-upgrade-libreoffice-l10n-gd
- suse-upgrade-libreoffice-l10n-gl
- suse-upgrade-libreoffice-l10n-gu
- suse-upgrade-libreoffice-l10n-gug
- suse-upgrade-libreoffice-l10n-he
- suse-upgrade-libreoffice-l10n-hi
- suse-upgrade-libreoffice-l10n-hr
- suse-upgrade-libreoffice-l10n-hsb
- suse-upgrade-libreoffice-l10n-hu
- suse-upgrade-libreoffice-l10n-id
- suse-upgrade-libreoffice-l10n-is
- suse-upgrade-libreoffice-l10n-it
- suse-upgrade-libreoffice-l10n-ja
- suse-upgrade-libreoffice-l10n-ka
- suse-upgrade-libreoffice-l10n-kab
- suse-upgrade-libreoffice-l10n-kk
- suse-upgrade-libreoffice-l10n-km
- suse-upgrade-libreoffice-l10n-kmr_latn
- suse-upgrade-libreoffice-l10n-kn
- suse-upgrade-libreoffice-l10n-ko
- suse-upgrade-libreoffice-l10n-kok
- suse-upgrade-libreoffice-l10n-ks
- suse-upgrade-libreoffice-l10n-lb
- suse-upgrade-libreoffice-l10n-lo
- suse-upgrade-libreoffice-l10n-lt
- suse-upgrade-libreoffice-l10n-lv
- suse-upgrade-libreoffice-l10n-mai
- suse-upgrade-libreoffice-l10n-mk
- suse-upgrade-libreoffice-l10n-ml
- suse-upgrade-libreoffice-l10n-mn
- suse-upgrade-libreoffice-l10n-mni
- suse-upgrade-libreoffice-l10n-mr
- suse-upgrade-libreoffice-l10n-my
- suse-upgrade-libreoffice-l10n-nb
- suse-upgrade-libreoffice-l10n-ne
- suse-upgrade-libreoffice-l10n-nl
- suse-upgrade-libreoffice-l10n-nn
- suse-upgrade-libreoffice-l10n-nr
- suse-upgrade-libreoffice-l10n-nso
- suse-upgrade-libreoffice-l10n-oc
- suse-upgrade-libreoffice-l10n-om
- suse-upgrade-libreoffice-l10n-or
- suse-upgrade-libreoffice-l10n-pa
- suse-upgrade-libreoffice-l10n-pl
- suse-upgrade-libreoffice-l10n-pt_br
- suse-upgrade-libreoffice-l10n-pt_pt
- suse-upgrade-libreoffice-l10n-ro
- suse-upgrade-libreoffice-l10n-ru
- suse-upgrade-libreoffice-l10n-rw
- suse-upgrade-libreoffice-l10n-sa_in
- suse-upgrade-libreoffice-l10n-sat
- suse-upgrade-libreoffice-l10n-sd
- suse-upgrade-libreoffice-l10n-si
- suse-upgrade-libreoffice-l10n-sid
- suse-upgrade-libreoffice-l10n-sk
- suse-upgrade-libreoffice-l10n-sl
- suse-upgrade-libreoffice-l10n-sq
- suse-upgrade-libreoffice-l10n-sr
- suse-upgrade-libreoffice-l10n-ss
- suse-upgrade-libreoffice-l10n-st
- suse-upgrade-libreoffice-l10n-sv
- suse-upgrade-libreoffice-l10n-sw_tz
- suse-upgrade-libreoffice-l10n-szl
- suse-upgrade-libreoffice-l10n-ta
- suse-upgrade-libreoffice-l10n-te
- suse-upgrade-libreoffice-l10n-tg
- suse-upgrade-libreoffice-l10n-th
- suse-upgrade-libreoffice-l10n-tn
- suse-upgrade-libreoffice-l10n-tr
- suse-upgrade-libreoffice-l10n-ts
- suse-upgrade-libreoffice-l10n-tt
- suse-upgrade-libreoffice-l10n-ug
- suse-upgrade-libreoffice-l10n-uk
- suse-upgrade-libreoffice-l10n-uz
- suse-upgrade-libreoffice-l10n-ve
- suse-upgrade-libreoffice-l10n-vec
- suse-upgrade-libreoffice-l10n-vi
- suse-upgrade-libreoffice-l10n-xh
- suse-upgrade-libreoffice-l10n-zh_cn
- suse-upgrade-libreoffice-l10n-zh_tw
- suse-upgrade-libreoffice-l10n-zu
- suse-upgrade-libreoffice-librelogo
- suse-upgrade-libreoffice-mailmerge
- suse-upgrade-libreoffice-math
- suse-upgrade-libreoffice-officebean
- suse-upgrade-libreoffice-pyuno
- suse-upgrade-libreoffice-qt5
- suse-upgrade-libreoffice-sdk
- suse-upgrade-libreoffice-sdk-doc
- suse-upgrade-libreoffice-writer
- suse-upgrade-libreoffice-writer-extensions
- suse-upgrade-libreofficekit
- suse-upgrade-libreofficekit-devel
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center