CVE-2015-4551

Publication date 3 November 2015

Last updated 24 July 2024

Ubuntu priority

LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libreoffice	15.10 wily	Not affected
	15.04 vivid	Fixed 1:4.4.6~rc3-0ubuntu1
	14.04 LTS trusty	Fixed 1:4.2.8-0ubuntu3
	12.04 LTS precise	Fixed 1:3.5.7-0ubuntu9

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2793-1
LibreOffice vulnerabilities
5 November 2015

Other references

https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
https://www.cve.org/CVERecord?id=CVE-2015-4551