Test ID:	1.3.6.1.4.1.25623.1.0.810578
Category:	General
Title:	LibreOffice Calc And Writer File Disclosure Vulnerability - Windows
Summary:	LibreOffice is prone to arbitrary file disclosure vulnerability.
Description:	Summary: LibreOffice is prone to arbitrary file disclosure vulnerability. Vulnerability Insight: The flaw exists as embedded Objects in writer and calc can contain previews of their content. A document can be crafted which contains an embedded object that is a link to an existing file on the targets system. On load the preview of the embedded object will be updated to reflect the content of the file on the target system. Vulnerability Impact: Successful exploitation will allow local attacker to obtain sensitive information that may aid in launching further attacks. Affected Software/OS: LibreOffice version prior to 5.1.6, 5.2.x prior to 5.2.5 on Windows. Solution: Upgrade to LibreOffice version 5.1.6 or 5.2.5 or 5.3.0 later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3157 BugTraq ID: 96402 http://www.securityfocus.com/bid/96402 Debian Security Information: DSA-3792 (Google Search) https://www.debian.org/security/2017/dsa-3792 RedHat Security Advisories: RHSA-2017:0914 https://access.redhat.com/errata/RHSA-2017:0914 RedHat Security Advisories: RHSA-2017:0979 https://access.redhat.com/errata/RHSA-2017:0979 http://www.securitytracker.com/id/1037893
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.