[3.5] libreoffice: Dereference of invalid STL iterator on processing RTF file (CVE-2016-4324)
Parsing the Rich Text Format character style index was insufficiently
checked for validity.
Documents can be constructed which dereference an iterator to the first
entry of an empty STL container.
Fixed in:
libreoffice 5.1.4, libreoffice 5.2.0
References:
https://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
(from redmine: issue id 5849, created on 2016-07-04, closed on 2016-08-09)
- Relations:
- parent #5848 (closed)