VDB
CVE-2015-4551
CVE-2015-4551
PUBLISHED
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.
EPSS 7.75% · 92.1th percentile
Risk Scores
EPSS Score
7.75%
92.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | libreoffice | 0, 1:4.1.2~rc3-0ubuntu2, 1:4.1.3-0ubuntu2 |
Exploit Intelligence
- 1034085 (circl)
- GLSA-201611-03 (circl)
- 1034091 (circl)
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html (circl)
- RHSA-2015:2619 (circl)
- USN-2793-1 (circl)
- 77486 (circl)
- http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ (circl)
- GLSA-201603-05 (circl)
- http://www.openoffice.org/security/cves/CVE-2015-4551.html (circl)
…and 1 more exploits
Timeline
- Nov 3, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Dec 17, 2024 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 4, 2025 EPSS Score
- Jun 1, 2025 EPSS Score
- Jun 4, 2025 EPSS Score
- Jul 4, 2025 EPSS Score
- Jul 13, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-4551 third-party-advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ third-party-advisory
- https://ubuntu.com/security/notices/USN-2793-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-4551 third-party-advisory