CentOS Local Security Checks : CentOS Update for autocorr-af CESA-2017:0914 centos7

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.882693

Categoría: CentOS Local Security Checks

Título: CentOS Update for autocorr-af CESA-2017:0914 centos7

Resumen: Check the version of autocorr-af

Descripción: Summary:
Check the version of autocorr-af

Vulnerability Insight:
LibreOffice is an open source,
community-developed office productivity suite. It includes key desktop
applications, such as a word processor, a spreadsheet, a presentation manager,
a formula editor, and a drawing program. LibreOffice replaces OpenOffice and
provides a similar but enhanced and extended office suite.

Security Fix(es):

* It was found that LibreOffice disclosed contents of a file specified in
an embedded object's preview. An attacker could potentially use this flaw
to expose details of a system running LibreOffice as an online service via
a crafted document. (CVE-2017-3157)

Bug Fix(es):

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly after closing a dialog
window with accessibility support enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425536)

* Previously, when an incorrect password was entered for a password
protected document, the document has been considered as valid and a
fallback attempt to open it as plain text has been made. As a consequence,
it could appear that the document successfully loaded, while just the
encrypted unreadable content was shown. A fix has been made to terminate
import attempts after entering incorrect password, and now nothing is
loaded when a wrong password is entered. (BZ#1426348)

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly during exit, after the
Text Import dialog for CSV (Comma-separated Value) files closed, when
accessibility support was enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425535)

Affected Software/OS:
autocorr-af on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-3157
BugTraq ID: 96402
http://www.securityfocus.com/bid/96402
Debian Security Information: DSA-3792 (Google Search)
https://www.debian.org/security/2017/dsa-3792
RedHat Security Advisories: RHSA-2017:0914
https://access.redhat.com/errata/RHSA-2017:0914
RedHat Security Advisories: RHSA-2017:0979
https://access.redhat.com/errata/RHSA-2017:0979
http://www.securitytracker.com/id/1037893

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.882693
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for autocorr-af CESA-2017:0914 centos7
Resumen:	Check the version of autocorr-af
Descripción:	Summary: Check the version of autocorr-af Vulnerability Insight: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157) Bug Fix(es): * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly after closing a dialog window with accessibility support enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425536) * Previously, when an incorrect password was entered for a password protected document, the document has been considered as valid and a fallback attempt to open it as plain text has been made. As a consequence, it could appear that the document successfully loaded, while just the encrypted unreadable content was shown. A fix has been made to terminate import attempts after entering incorrect password, and now nothing is loaded when a wrong password is entered. (BZ#1426348) * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly during exit, after the Text Import dialog for CSV (Comma-separated Value) files closed, when accessibility support was enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425535) Affected Software/OS: autocorr-af on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3157 BugTraq ID: 96402 http://www.securityfocus.com/bid/96402 Debian Security Information: DSA-3792 (Google Search) https://www.debian.org/security/2017/dsa-3792 RedHat Security Advisories: RHSA-2017:0914 https://access.redhat.com/errata/RHSA-2017:0914 RedHat Security Advisories: RHSA-2017:0979 https://access.redhat.com/errata/RHSA-2017:0979 http://www.securitytracker.com/id/1037893
Copyright	Copyright (C) 2017 Greenbone AG