Launchpad CVE tracker

CVE 2016-4324

Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.

Related bugs and status

CVE-2016-4324 (Candidate) is related to these bugs:

Bug #1487148: [MIR] fonts-stix -- to replace xfonts-mathml

		In	Importance	Status
1487148	[MIR] fonts-stix -- to replace xfonts-mathml	libreoffice (Ubuntu)	High	Fix Released
1487148	[MIR] fonts-stix -- to replace xfonts-mathml	fonts-stix (Ubuntu)	Undecided	Fix Released
1487148	[MIR] fonts-stix -- to replace xfonts-mathml	fonts-stix (Ubuntu Wily)	Undecided	Invalid
1487148	[MIR] fonts-stix -- to replace xfonts-mathml	libreoffice (Ubuntu Wily)	Undecided	Fix Released

Bug #1508177: [SRU] Starting LibreOffice with an empty profile from the ISO creates a profile selecting galaxy, not human as theme

		In	Importance	Status
1508177	[SRU] Starting LibreOffice with an empty profile from the ISO creates a profile selecting galaxy, not human as theme	libreoffice (Ubuntu)	Undecided	Fix Released
1508177	[SRU] Starting LibreOffice with an empty profile from the ISO creates a profile selecting galaxy, not human as theme	Release Notes for Ubuntu	Undecided	Fix Released
1508177	[SRU] Starting LibreOffice with an empty profile from the ISO creates a profile selecting galaxy, not human as theme	libreoffice (Ubuntu Wily)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-4324

References