CentOS Local Security Checks : CentOS Update for autocorr-af CESA-2017:0914 centos7

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.882693

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for autocorr-af CESA-2017:0914 centos7

Zusammenfassung: Check the version of autocorr-af

Beschreibung: Summary:
Check the version of autocorr-af

Vulnerability Insight:
LibreOffice is an open source,
community-developed office productivity suite. It includes key desktop
applications, such as a word processor, a spreadsheet, a presentation manager,
a formula editor, and a drawing program. LibreOffice replaces OpenOffice and
provides a similar but enhanced and extended office suite.

Security Fix(es):

* It was found that LibreOffice disclosed contents of a file specified in
an embedded object's preview. An attacker could potentially use this flaw
to expose details of a system running LibreOffice as an online service via
a crafted document. (CVE-2017-3157)

Bug Fix(es):

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly after closing a dialog
window with accessibility support enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425536)

* Previously, when an incorrect password was entered for a password
protected document, the document has been considered as valid and a
fallback attempt to open it as plain text has been made. As a consequence,
it could appear that the document successfully loaded, while just the
encrypted unreadable content was shown. A fix has been made to terminate
import attempts after entering incorrect password, and now nothing is
loaded when a wrong password is entered. (BZ#1426348)

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly during exit, after the
Text Import dialog for CSV (Comma-separated Value) files closed, when
accessibility support was enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425535)

Affected Software/OS:
autocorr-af on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-3157
BugTraq ID: 96402
http://www.securityfocus.com/bid/96402
Debian Security Information: DSA-3792 (Google Search)
https://www.debian.org/security/2017/dsa-3792
RedHat Security Advisories: RHSA-2017:0914
https://access.redhat.com/errata/RHSA-2017:0914
RedHat Security Advisories: RHSA-2017:0979
https://access.redhat.com/errata/RHSA-2017:0979
http://www.securitytracker.com/id/1037893

Copyright Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.882693
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for autocorr-af CESA-2017:0914 centos7
Zusammenfassung:	Check the version of autocorr-af
Beschreibung:	Summary: Check the version of autocorr-af Vulnerability Insight: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157) Bug Fix(es): * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly after closing a dialog window with accessibility support enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425536) * Previously, when an incorrect password was entered for a password protected document, the document has been considered as valid and a fallback attempt to open it as plain text has been made. As a consequence, it could appear that the document successfully loaded, while just the encrypted unreadable content was shown. A fix has been made to terminate import attempts after entering incorrect password, and now nothing is loaded when a wrong password is entered. (BZ#1426348) * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly during exit, after the Text Import dialog for CSV (Comma-separated Value) files closed, when accessibility support was enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425535) Affected Software/OS: autocorr-af on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3157 BugTraq ID: 96402 http://www.securityfocus.com/bid/96402 Debian Security Information: DSA-3792 (Google Search) https://www.debian.org/security/2017/dsa-3792 RedHat Security Advisories: RHSA-2017:0914 https://access.redhat.com/errata/RHSA-2017:0914 RedHat Security Advisories: RHSA-2017:0979 https://access.redhat.com/errata/RHSA-2017:0979 http://www.securitytracker.com/id/1037893
Copyright	Copyright (C) 2017 Greenbone AG