Vulnerabilities related to libreoffice - libreoffice
CVE-2019-9847 (GCVE-0-2019-9847)
Vulnerability from cvelistv5
Published
2019-05-09 13:51
Modified
2024-09-16 20:41
CWE
- Code Execution Vulnerability
Summary
A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target user's file system. If the hyperlink is activated by the victim, the executable target is unconditionally launched. Under Windows and macOS, when processing a hyperlink target explicitly activated by the user, no check was made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: unspecified < 6.1.6 Version: unspecified < 6.2.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:55.073Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.1.6", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "6.2.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Zhongcheng Li(CK01) of Pox Security Team" } ], "datePublic": "2019-05-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3." } ], "problemTypes": [ { "descriptions": [ { "description": "Code Execution Vulnerability", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-09T13:51:04", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/" } ], "solutions": [ { "lang": "en", "value": "Upgrade to LibreOffice 6.1.6 or 6.2.3" } ], "source": { "discovery": "EXTERNAL" }, "title": "Executable hyperlink targets executed unconditionally on activation", "x_generator": { "engine": "Vulnogram 0.0.6" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-05-08T00:00:00.000Z", "ID": "CVE-2019-9847", "STATE": "PUBLIC", "TITLE": "Executable hyperlink targets executed unconditionally on activation" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "6.1.6" }, { "version_affected": "\u003c", "version_value": "6.2.3" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Zhongcheng Li(CK01) of Pox Security Team" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3." 
} ] }, "generator": { "engine": "Vulnogram 0.0.6" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Code Execution Vulnerability" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/" } ] }, "solution": [ { "lang": "en", "value": "Upgrade to LibreOffice 6.1.6 or 6.2.3" } ], "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9847", "datePublished": "2019-05-09T13:51:04.424723Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T20:41:44.237Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9848 (GCVE-0-2019-9848)
Vulnerability from cvelistv5
Published
2019-07-17 11:21
Modified
2024-09-16 22:50
CWE
- LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which could be leveraged by an attacker's document to silently execute arbitrary Python commands
Summary
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary Python commands. By using the document event feature to trigger LibreLogo to execute Python contained within a document, a malicious document could be constructed that would execute arbitrary Python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: unspecified < 6.2.5 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:54.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848" }, { "name": "USN-4063-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": 
"https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "datePublic": "2019-07-16T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." } ], "problemTypes": [ { "descriptions": [ { "description": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which could be leveraged to by an attacker document to silently execute arbitrary python commands", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-06T13:06:08", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848" }, { "name": "USN-4063-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "source": { "defect": [ "LibreLogo", "arbitrary", "script", "execution" ], "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": 
"2019-07-16T00:00:00.000Z", "ID": "CVE-2019-9848", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "6.2.5" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." 
} ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which could be leveraged to by an attacker document to silently execute arbitrary python commands" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848" }, { "name": "USN-4063-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "FEDORA-2019-2fe22a3a2c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ] }, "source": { "defect": [ "LibreLogo", "arbitrary", "script", "execution" ], "discovery": "EXTERNAL" } } 
} }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9848", "datePublished": "2019-07-17T11:21:57.813188Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T22:50:55.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-1774 (GCVE-0-2015-1774)
Vulnerability from cvelistv5
Published
2015-04-28 14:00
Modified
2024-08-06 04:54
CWE
- n/a
Summary
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:54:16.419Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1032205", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032205" }, { "name": "DSA-3236", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3236" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-1774.html" }, { "name": "FEDORA-2015-7022", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html" }, { "name": "1032206", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032206" }, { "name": "FEDORA-2015-7213", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html" }, { "name": "74338", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/74338" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/" }, { "name": "RHSA-2015:1458", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1458.html" }, { "name": "openSUSE-SU-2015:0859", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html" }, { "name": "20150427 Multiple Vendor LibreOffice \"HWPFILTER\" Out Of Bounds Access Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": 
"https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094" }, { "name": "USN-2578-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-04-27T00:00:00", "descriptions": [ { "lang": "en", "value": "The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-30T15:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1032205", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032205" }, { "name": "DSA-3236", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3236" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-1774.html" }, { "name": "FEDORA-2015-7022", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html" }, { "name": "1032206", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032206" }, { "name": "FEDORA-2015-7213", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html" }, { "name": "74338", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/74338" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/" }, { "name": "RHSA-2015:1458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1458.html" }, { "name": "openSUSE-SU-2015:0859", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html" }, { "name": "20150427 Multiple Vendor LibreOffice \"HWPFILTER\" Out Of Bounds Access Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094" }, { "name": "USN-2578-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1774", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1032205", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032205" }, { "name": "DSA-3236", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3236" }, { "name": "http://www.openoffice.org/security/cves/CVE-2015-1774.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2015-1774.html" }, { "name": "FEDORA-2015-7022", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html" }, { "name": "1032206", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032206" }, { "name": "FEDORA-2015-7213", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html" }, { "name": "74338", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74338" }, { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/" }, { "name": "RHSA-2015:1458", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1458.html" }, { "name": "openSUSE-SU-2015:0859", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html" }, { "name": "20150427 Multiple Vendor LibreOffice \"HWPFILTER\" Out Of Bounds Access Vulnerability", "refsource": "IDEFENSE", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094" }, { "name": "USN-2578-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": 
"redhat", "cveId": "CVE-2015-1774", "datePublished": "2015-04-28T14:00:00", "dateReserved": "2015-02-17T00:00:00", "dateUpdated": "2024-08-06T04:54:16.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9854 (GCVE-0-2019-9854)
Vulnerability from cvelistv5
Published
2019-09-06 18:30
Modified
2024-09-16 19:24
CWE
- Unsafe URL assembly flaw in allowed script location check
Summary
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open, etc. Access is intended to be restricted to scripts under the share/Scripts/python and user/Scripts/python sub-directories of the LibreOffice install. Protection was added to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However, this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location: it was built directly from components of the passed-in path rather than solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: 6.2 < 6.2.7 Version: 6.3 < 6.3.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:55.131Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "name": "DSA-4519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "FEDORA-2019-9627e1402e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "name": "USN-4138-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4138-1/" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "openSUSE-SU-2019:2361", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.7", "status": "affected", "version": "6.2", "versionType": "custom" }, { "lessThan": "6.3.1", "status": "affected", "version": "6.3", "versionType": "custom" } ] } ], 
"credits": [ { "lang": "en", "value": "Thanks to RiceX(@ricex_cc) for reporting this issue" } ], "datePublic": "2019-09-06T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." } ], "problemTypes": [ { "descriptions": [ { "description": "Unsafe URL assembly flaw in allowed script location check", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-22T05:03:54", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "name": "DSA-4519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "FEDORA-2019-9627e1402e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "name": "USN-4138-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4138-1/" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "openSUSE-SU-2019:2361", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Unsafe URL assembly flaw in allowed script location check", "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-09-06T00:00:00.000Z", "ID": "CVE-2019-9854", "STATE": "PUBLIC", "TITLE": "Unsafe URL assembly flaw in allowed script location check" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "6.2", "version_value": "6.2.7" }, { 
"version_affected": "\u003c", "version_name": "6.3", "version_value": "6.3.1" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to RiceX(@ricex_cc) for reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." 
} ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Unsafe URL assembly flaw in allowed script location check" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "name": "DSA-4519", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4519" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "FEDORA-2019-9627e1402e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "name": "USN-4138-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4138-1/" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "openSUSE-SU-2019:2361", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9854", "datePublished": "2019-09-06T18:30:08.910063Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T19:24:19.650Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-26305 (GCVE-0-2022-26305)
Vulnerability from cvelistv5
Published
2022-07-25 00:00
Modified
2024-08-03 05:03
CWE
- CWE-295 - Improper Certificate Validation
Summary
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate, because both values are public fields that anyone can copy into a certificate of their own. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate, which LibreOffice would present as belonging to the trusted author, potentially leading the user to execute arbitrary code contained in improperly trusted macros. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.
References
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: 7.2 < 7.2.7; Version: 7.3 < 7.3.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:31.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.2.7", "status": "affected", "version": "7.2", "versionType": "custom" }, { "lessThan": "7.3.1", "status": "affected", "version": "7.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security" } ], "descriptions": [ { "lang": "en", "value": "An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-26T00:00:00", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Execution of Untrusted Macros Due to Improper Certificate Validation", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2022-26305", "datePublished": "2022-07-25T00:00:00", "dateReserved": "2022-02-28T00:00:00", "dateUpdated": "2024-08-03T05:03:31.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7856 (GCVE-0-2017-7856)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-05 16:19
CWE
- n/a
Summary
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:28.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "name": "97667", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97667" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-14T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "name": "97667", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97667" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7856", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "name": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62", "refsource": "MISC", "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "name": "97667", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97667" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7856", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-05T16:19:28.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-0037 (GCVE-0-2012-0037)
Vulnerability from cvelistv5
Published
2012-06-17 01:00
Modified
2024-08-06 18:09
CWE
- n/a
Summary
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:09:17.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "48526", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48526" }, { "name": "48479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48479" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "48494", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48494" }, { "name": "1026837", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026837" }, { "name": "MDVSA-2012:061", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061" }, { "name": "52681", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52681" }, { "name": "FEDORA-2012-4663", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html" }, { "name": "48529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48529" }, { "name": "80307", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/80307" }, { "name": 
"RHSA-2012:0410", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html" }, { "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4" }, { "name": "MDVSA-2012:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062" }, { "name": "48542", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48542" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://vsecurity.com/resources/advisory/20120324-1/" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/50692" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/" }, { "name": "48649", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48649" }, { "name": "openoffice-xml-info-disclosure(74235)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235" }, { "name": "DSA-2438", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2438" }, { "name": "RHSA-2012:0411", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html" }, { "name": "48493", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/48493" }, { "name": "FEDORA-2012-4629", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html" }, { "name": "MDVSA-2012:063", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0" }, { "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-01-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-05T13:06:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "48526", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48526" }, { "name": "48479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48479" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "48494", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48494" }, { "name": "1026837", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026837" }, { "name": "MDVSA-2012:061", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061" }, { "name": "52681", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52681" }, { "name": "FEDORA-2012-4663", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html" }, { "name": "48529", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48529" }, { "name": "80307", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/80307" }, { "name": "RHSA-2012:0410", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html" }, 
{ "name": "[oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4" }, { "name": "MDVSA-2012:062", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062" }, { "name": "48542", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48542" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://vsecurity.com/resources/advisory/20120324-1/" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50692" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/" }, { "name": "48649", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48649" }, { "name": "openoffice-xml-info-disclosure(74235)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235" }, { "name": "DSA-2438", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2438" }, { "name": "RHSA-2012:0411", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html" }, { "name": "48493", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48493" }, { "name": "FEDORA-2012-4629", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html" }, { "name": "MDVSA-2012:063", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2012:063" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0" }, { "name": "[openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-0037", "datePublished": "2012-06-17T01:00:00", "dateReserved": "2011-12-07T00:00:00", "dateUpdated": "2024-08-06T18:09:17.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-10119 (GCVE-0-2018-10119)
Vulnerability from cvelistv5
Published
2018-04-15 16:00
Modified
2024-08-05 07:32
CWE
- n/a
Summary
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:32:01.169Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/48758/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/48751/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/48756/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/48757/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "sot/source/sdstor/stgstrms.cxx in 
LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-02-07T10:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/48758/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/48751/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/48756/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/48757/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": 
"cve@mitre.org", "ID": "CVE-2018-10119", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://gerrit.libreoffice.org/#/c/48758/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/48758/" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747" }, { "name": "RHSA-2018:3054", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4178" }, { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/" }, { "name": "USN-3883-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=fdd41c995d1f719e92c6f083e780226114762f05", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=fdd41c995d1f719e92c6f083e780226114762f05" }, { "name": "https://gerrit.libreoffice.org/#/c/48751/", 
"refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/48751/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "name": "https://gerrit.libreoffice.org/#/c/48756/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/48756/" }, { "name": "https://gerrit.libreoffice.org/#/c/48757/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/48757/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10119", "datePublished": "2018-04-15T16:00:00", "dateReserved": "2018-04-15T00:00:00", "dateUpdated": "2024-08-05T07:32:01.169Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-0950 (GCVE-0-2023-0950)
Vulnerability from cvelistv5
Published
2023-05-25 00:00
Modified
2025-04-23 16:21
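Severity: 7.8 HIGH (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, from the CISA-ADP container of the record below)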
CWE
- CWE-129 - Improper Validation of Array Index
Summary
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice, certain malformed spreadsheet formulas, such as AGGREGATE, could be created with fewer parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
References
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: 7.4 < 7.4.6; Version: 7.5 < 7.5.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:32:46.025Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" }, { "name": "DSA-5415", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3526-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "name": "GLSA-202311-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-15" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2023-0950", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-23T13:28:15.822093Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-23T16:21:38.994Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.4.6", "status": "affected", "version": "7.4", "versionType": "custom" }, { "lessThan": "7.5.1", "status": "affected", "version": "7.5", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Secusmart GmbH for discovering 
and reporting the issue" }, { "lang": "en", "value": "Eike Rathke of Red Hat, Inc. for a solution" } ], "descriptions": [ { "lang": "en", "value": "Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-26T09:06:14.773Z", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" }, { "name": "DSA-5415", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3526-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "name": "GLSA-202311-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202311-15" } ], "source": { "discovery": "EXTERNAL" }, "title": "Array Index UnderFlow in Calc Formula Parsing", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2023-0950", "datePublished": "2023-05-25T00:00:00.000Z", "dateReserved": "2023-02-22T00:00:00.000Z", "dateUpdated": "2025-04-23T16:21:38.994Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9852 (GCVE-0-2019-9852)
Vulnerability from cvelistv5
Published
2019-08-15 21:40
Modified
2024-09-17 03:42
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Summary
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: unspecified < 6.2.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:54.996Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ 
{ "lessThan": "6.2.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "datePublic": "2019-08-15T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-06T13:06:10", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Insufficient URL encoding flaw in allowed script location check", "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-08-15T00:00:00.000Z", "ID": "CVE-2019-9852", "STATE": "PUBLIC", "TITLE": "Insufficient URL encoding flaw in allowed script location check" }, "affects": { "vendor": { 
"vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "6.2.6" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." 
} ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-116 Improper Encoding or Escaping of Output" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-2fe22a3a2c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "20190910 [SECURITY] [DSA 4519-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9852", "datePublished": "2019-08-15T21:40:18.556261Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-17T03:42:47.414Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-0247 (GCVE-0-2014-0247)
Vulnerability from cvelistv5
Published
2014-07-03 17:00
Modified
2024-08-06 09:05
CWE
- n/a
Summary
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T09:05:39.453Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "FEDORA-2014-7679", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html" }, { "name": "USN-2253-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2253-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/" }, { "name": "68151", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/68151" }, { "name": "57383", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57383" }, { "name": "openSUSE-SU-2014:0860", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], 
"url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "59330", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59330" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.mageia.org/show_bug.cgi?id=13580" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-23T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-03-16T12:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "FEDORA-2014-7679", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html" }, { "name": "USN-2253-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2253-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/" }, { "name": "68151", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/68151" }, { "name": "57383", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/57383" }, { "name": "openSUSE-SU-2014:0860", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "59330", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59330" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.mageia.org/show_bug.cgi?id=13580" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0247", "datePublished": "2014-07-03T17:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:39.453Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7882 (GCVE-0-2017-7882)
Vulnerability from cvelistv5
Published
2017-04-15 16:00
Modified
2024-08-05 16:19
CWE
- n/a
Summary
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:28.536Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" }, { "name": "97684", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97684" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-14T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" }, { "name": "97684", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97684" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7882", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "name": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c", "refsource": "MISC", "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" }, { "name": "97684", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97684" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7882", "datePublished": "2017-04-15T16:00:00", "dateReserved": "2017-04-15T00:00:00", "dateUpdated": "2024-08-05T16:19:28.536Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-8358 (GCVE-0-2017-8358)
Vulnerability from cvelistv5
Published
2017-04-30 17:00
Modified
2024-08-05 16:34
CWE
- n/a
Summary
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:34:22.690Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "name": "98395", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/98395" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-30T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-05-19T09:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "name": "98395", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/98395" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8358", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { 
"description_data": [ { "lang": "eng", "value": "LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c", "refsource": "MISC", "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "name": "98395", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98395" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-8358", "datePublished": "2017-04-30T17:00:00", "dateReserved": "2017-04-30T00:00:00", "dateUpdated": "2024-08-05T16:34:22.690Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-2334 (GCVE-0-2012-2334)
Vulnerability from cvelistv5
Published
2012-06-19 20:00
Modified
2024-08-06 19:34
CWE
- n/a
Summary
Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T19:34:23.572Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "MDVSA-2012:090", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "name": "20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e" }, { "name": "FEDORA-2012-8114", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "name": "53570", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/53570" }, { "name": "[oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/05/28/2" }, { "name": "1027070", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1027070" }, { "tags": [ 
"x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/advisories/cve-2012-2334/" }, { "name": "DSA-2487", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "name": "46992", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46992" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da" }, { "name": "47244", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/47244" }, { "name": "openoffice-powerpoint-dos(75695)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695" }, { "name": "49392", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49392" }, { "name": "49373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49373" }, { "name": "RHSA-2012:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "name": "MDVSA-2012:091", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html" }, { "name": "82517", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/82517" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": 
"Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "MDVSA-2012:090", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "name": "20120516 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e" }, { "name": "FEDORA-2012-8114", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "name": "53570", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/53570" }, { "name": "[oss-security] 20120528 Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification", 
"tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/05/28/2" }, { "name": "1027070", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1027070" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/advisories/cve-2012-2334/" }, { "name": "DSA-2487", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "name": "46992", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46992" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da" }, { "name": "47244", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/47244" }, { "name": "openoffice-powerpoint-dos(75695)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695" }, { "name": "49392", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49392" }, { "name": "49373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49373" }, { "name": "RHSA-2012:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "name": "MDVSA-2012:091", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html" }, { "name": "82517", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/82517" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2334", "datePublished": "2012-06-19T20:00:00", "dateReserved": 
"2012-04-19T00:00:00", "dateUpdated": "2024-08-06T19:34:23.572Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-16858 (GCVE-0-2018-16858)
Vulnerability from cvelistv5
Published
2019-03-25 17:43
Modified
2024-08-05 10:32
CWE
Summary
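It was found that LibreOffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document which, when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location. Note: the structured version fields of this record list 6.0.7 and 6.1.3 themselves as "affected", whereas this description says the affected releases are those before 6.0.7 and 6.1.3; when checking whether an installation is exposed, rely on the description and the linked vendor advisory rather than on the version table alone.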
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
[UNKNOWN] | libreoffice |
Version: 6.0.7 Version: 6.1.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T10:32:54.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "name": "46727", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/46727/" }, { "name": "RHSA-2019:2130", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "openSUSE-SU-2019:1929", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libreoffice", "vendor": "[UNKNOWN]", "versions": [ { "status": "affected", "version": "6.0.7" }, { "status": "affected", "version": "6.1.3" } ] } ], "descriptions": [ { "lang": "en", "value": "It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. 
An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-356", "description": "CWE-356", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-08-18T15:06:07", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "name": "46727", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/46727/" }, { "name": "RHSA-2019:2130", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "openSUSE-SU-2019:1929", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" } ], "x_legacyV4Record": { 
"CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2018-16858", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "libreoffice", "version": { "version_data": [ { "version_value": "6.0.7" }, { "version_value": "6.1.3" } ] } } ] }, "vendor_name": "[UNKNOWN]" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location." } ] }, "impact": { "cvss": [ [ { "vectorString": "7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-356" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "name": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "name": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec", "refsource": "MISC", "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "name": "46727", "refsource": "EXPLOIT-DB", "url": 
"https://www.exploit-db.com/exploits/46727/" }, { "name": "RHSA-2019:2130", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "openSUSE-SU-2019:1929", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-16858", "datePublished": "2019-03-25T17:43:08", "dateReserved": "2018-09-11T00:00:00", "dateUpdated": "2024-08-05T10:32:54.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-7788 (GCVE-0-2024-7788)
Vulnerability from cvelistv5
Published
2024-09-17 14:28
Modified
2024-10-12 13:05
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows signature forgery. This issue affects LibreOffice: from 24.2 before 24.2.5. As the record's own title puts it, signatures in "repair mode" should not be trusted.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 24.2 |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:thedocumentfoundation:libreoffice:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "libreoffice", "vendor": "thedocumentfoundation", "versions": [ { "lessThan": "24.2.5", "status": "affected", "version": "24.2", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-7788", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-17T15:52:01.086783Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T15:55:47.097Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-10-12T13:05:35.355Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00007.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "\u003c 24.2.5", "status": "affected", "version": "24.2", "versionType": "24.2 series" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks to Thanks to Yufan You for finding and reporting this issue" }, { "lang": "en", "type": "remediation developer", "value": "Thanks to Michael Stahl of allotropia for providing a fix" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Digital Signature Invalidation\u0026nbsp; vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows \u003cspan style=\"background-color: rgb(246, 245, 244);\"\u003eSignature forgery vulnerability in LibreOffice\u003c/span\u003e\u003cp\u003eThis issue affects LibreOffice: from 24.2 before \u0026lt; 
24.2.5.\u003c/p\u003e" } ], "value": "Improper Digital Signature Invalidation\u00a0 vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before \u003c 24.2.5." } ], "impacts": [ { "capecId": "CAPEC-477", "descriptions": [ { "lang": "en", "value": "CAPEC-477 Signature Spoofing by Mixing Signed and Unsigned Content" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-17T14:28:36.075Z", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788" } ], "source": { "discovery": "EXTERNAL" }, "title": "Signatures in \"repair mode\" should not be trusted", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2024-7788", "datePublished": "2024-09-17T14:28:36.075Z", "dateReserved": "2024-08-14T11:41:07.960Z", "dateUpdated": "2024-10-12T13:05:35.355Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-4551 (GCVE-0-2015-4551)
Vulnerability from cvelistv5
Published
2015-11-10 16:00
Modified
2024-08-06 06:18
CWE
- n/a
Summary
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document that embeds data from local files into (1) Calc or (2) Writer.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:18:12.023Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-11-04T00:00:00", "descriptions": [ { "lang": "en", 
"value": "LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], 
"x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4551", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034085", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034091" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77486" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "name": "GLSA-201603-05", "refsource": "GENTOO", "url": 
"https://security.gentoo.org/glsa/201603-05" }, { "name": "http://www.openoffice.org/security/cves/CVE-2015-4551.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "name": "DSA-3394", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3394" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4551", "datePublished": "2015-11-10T16:00:00", "dateReserved": "2015-06-12T00:00:00", "dateUpdated": "2024-08-06T06:18:12.023Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-6186 (GCVE-0-2023-6186)
Vulnerability from cvelistv5
Published
2023-12-11 11:56
Modified
2025-02-13 17:26
Summary
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7.5 Version: 7.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:21:17.742Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.5.9", "status": "affected", "version": "7.5", "versionType": "7.5 series" }, { "lessThan": "7.6.4", "status": "affected", "version": "7.6", "versionType": "7.6 series" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Thanks to Reginaldo Silva of ubercomp.com for finding and reporting this issue" } ], "datePublic": "2023-12-11T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eInsufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.\u003c/div\u003e\u003cdiv\u003eIn affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.\u003cbr\u003e\u003c/div\u003e" } ], "value": "Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.\n\nIn affected versions LibreOffice supports hyperlinks with macro or 
similar built-in command targets that can be executed when activated without warning the user." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-31T14:06:33.556Z", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186" }, { "url": "https://www.debian.org/security/2023/dsa-5574" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Link targets allow arbitrary script execution", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2023-6186", "datePublished": "2023-12-11T11:56:40.349Z", "dateReserved": "2023-11-17T09:15:24.395Z", "dateUpdated": "2025-02-13T17:26:08.751Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-6185 (GCVE-0-2023-6185)
Vulnerability from cvelistv5
Published
2023-12-11 11:52
Modified
2025-02-13 17:26
Summary
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.
In affected versions, the filename of the embedded video is not sufficiently escaped when passed to GStreamer, enabling an attacker to run arbitrary GStreamer plugins, depending on what plugins are installed on the target system.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7.5 Version: 7.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:21:17.741Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-6185", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2023-12-20T16:47:31.483769Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-02T16:58:58.281Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.5.9", "status": "affected", "version": "7.5", "versionType": "7.5 series" }, { "lessThan": "7.6.3", "status": "affected", "version": "7.6", "versionType": "7.6 series" } ] } ], "credits": [ { "lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Thanks to Reginaldo Silva of ubercomp.com for finding and reporting this issue" } ], "datePublic": "2023-12-11T00:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eImproper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute 
arbitrary GStreamer plugins.\u003c/div\u003e\u003cdiv\u003eIn affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system.\u003c/div\u003e" } ], "value": "Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.\n\nIn affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-31T14:06:29.950Z", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" }, { "url": "https://www.debian.org/security/2023/dsa-5574" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Improper input validation enabling arbitrary Gstreamer pipeline injection", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2023-6185", "datePublished": "2023-12-11T11:52:06.388Z", "dateReserved": "2023-11-17T09:15:06.687Z", "dateUpdated": "2025-02-13T17:26:08.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9855 (GCVE-0-2019-9855)
Vulnerability from cvelistv5
Published
2019-09-06 18:40
Modified
2024-09-16 18:49
CWE
- Windows 8.3 path equivalence handling flaw
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary Python commands contained within the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handlers. However, a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows, in that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: 6.2 < 6.2.7 Version: 6.3 < 6.3.1 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:55.101Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "openSUSE-SU-2019:2361", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.7", "status": "affected", "version": "6.2", "versionType": "custom" }, { "lessThan": "6.3.1", "status": "affected", "version": "6.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to alex (@insertscript) for reporting this issue" } ], "datePublic": "2019-09-06T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." 
} ], "problemTypes": [ { "descriptions": [ { "description": "Windows 8.3 path equivalence handling flaw", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-22T05:03:53", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "openSUSE-SU-2019:2361", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "Windows 8.3 path equivalence handling flaw allows LibreLogo script execution", "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-09-06T00:00:00.000Z", "ID": "CVE-2019-9855", "STATE": "PUBLIC", "TITLE": "Windows 8.3 path equivalence handling flaw allows LibreLogo script execution" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "6.2", "version_value": "6.2.7" }, { "version_affected": "\u003c", "version_name": "6.3", "version_value": "6.3.1" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to alex (@insertscript) for reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. 
LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." } ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Windows 8.3 path equivalence handling flaw" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "openSUSE-SU-2019:2361", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9855", "datePublished": "2019-09-06T18:40:17.271099Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T18:49:33.756Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3575 (GCVE-0-2014-3575)
Vulnerability from cvelistv5
Published
2014-08-27 00:00
Modified
2024-08-06 10:50
CWE
- n/a
Summary
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:17.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2014-10732", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html" }, { "name": "69354", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69354" }, { "name": "apache-openoffice-cve20143575-info-disc(95420)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95420" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3575.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "59877", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59877" }, { "name": "20140821 CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "59600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59600" }, { "name": "1030754", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030754" } ], "title": "CVE Program Container" } ], "cna": 
{ "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-08-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "FEDORA-2014-10732", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html" }, { "name": "69354", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69354" }, { "name": "apache-openoffice-cve20143575-info-disc(95420)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95420" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3575.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "59877", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59877" }, { "name": "20140821 CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "59600", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59600" }, { "name": "1030754", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030754" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3575", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2014-10732", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html" }, { "name": "69354", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69354" }, { "name": "apache-openoffice-cve20143575-info-disc(95420)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95420" }, { "name": "http://www.openoffice.org/security/cves/CVE-2014-3575.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2014-3575.html" }, { "name": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/", "refsource": "CONFIRM", "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "name": "RHSA-2015:0377", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "59877", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59877" }, { "name": "20140821 
CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html" }, { "name": "GLSA-201603-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "59600", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59600" }, { "name": "1030754", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030754" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3575", "datePublished": "2014-08-27T00:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:17.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2713 (GCVE-0-2011-2713)
Vulnerability from cvelistv5
Published
2011-10-21 18:00
Modified
2024-08-06 23:08
CWE
- n/a
Summary
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:08:23.764Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2011-14036", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html" }, { "name": "openSUSE-SU-2011:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "name": "49969", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/49969" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "MDVSA-2011:172", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/advisories/CVE-2011-2713/" }, { "name": "1026145", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026145" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/50692" }, { "name": "76178", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/76178" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668" }, { "name": 
"FEDORA-2011-14049", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html" }, { "name": "DSA-2315", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2315" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-10-05T00:00:00", "descriptions": [ { "lang": "en", "value": "oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-10-20T13:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "FEDORA-2011-14036", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html" }, { "name": "openSUSE-SU-2011:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "name": "49969", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/49969" }, { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "MDVSA-2011:172", "tags": [ "vendor-advisory", 
"x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/advisories/CVE-2011-2713/" }, { "name": "1026145", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026145" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50692" }, { "name": "76178", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/76178" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668" }, { "name": "FEDORA-2011-14049", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html" }, { "name": "DSA-2315", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2315" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2713", "datePublished": "2011-10-21T18:00:00", "dateReserved": "2011-07-11T00:00:00", "dateUpdated": "2024-08-06T23:08:23.764Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12802 (GCVE-0-2020-12802)
Vulnerability from cvelistv5
Published
2020-06-08 15:23
Modified
2024-09-17 04:08
CWE
- CWE-200 - Information Exposure
Summary
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: unspecified < 6.4.4 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:04:22.902Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802" }, { "name": "FEDORA-2020-8922773bc4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "name": "openSUSE-SU-2020:1222", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "name": "openSUSE-SU-2020:1261", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "6.4.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2020-06-08T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice has a \u0027stealth mode\u0027 in which only documents from locations deemed \u0027trusted\u0027 are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\u0027s ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-31T14:06:36.830396", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802" }, { "name": "FEDORA-2020-8922773bc4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "name": "openSUSE-SU-2020:1222", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "name": "openSUSE-SU-2020:1261", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "remote graphics contained in docx format retrieved in \u0027stealth mode\u0027", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2020-12802", "datePublished": "2020-06-08T15:23:05.479080Z", "dateReserved": "2020-05-12T00:00:00", "dateUpdated": "2024-09-17T04:08:53.179Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9849 (GCVE-0-2019-9849)
Vulnerability from cvelistv5
Published
2019-07-17 11:26
Modified
2024-09-17 00:06
CWE
- In 'stealth mode', where only trusted documents are allowed to download remote resources, untrusted documents could download remote bullet graphics URLs
Summary
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: unspecified < 6.2.5 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:55.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849" }, { "name": "USN-4063-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { 
"lessThan": "6.2.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Matei \"Mal\" Badanoiu for discovering and reporting this problem" } ], "datePublic": "2019-07-16T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice has a \u0027stealth mode\u0027 in which only documents from locations deemed \u0027trusted\u0027 are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\u0027s ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." } ], "problemTypes": [ { "descriptions": [ { "description": "In \u0027stealth mode\u0027 where only trusted documents are allowed to download remote resources untrusted documents could download remote bullet graphics urls", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-06T13:06:06", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849" }, { "name": "USN-4063-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "source": { "defect": [ "remote", "bullet", "graphics", "retrieved", "in", "\u0027stealth", "mode\u0027" ], "discovery": "EXTERNAL" }, "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-07-16T00:00:00.000Z", "ID": "CVE-2019-9849", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": 
"LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "6.2.5" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to Matei \"Mal\" Badanoiu for discovering and reporting this problem" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice has a \u0027stealth mode\u0027 in which only documents from locations deemed \u0027trusted\u0027 are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\u0027s ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." } ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "In \u0027stealth mode\u0027 where only trusted documents are allowed to download remote resources untrusted documents could download remote bullet graphics urls" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849" }, { "name": "USN-4063-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4063-1/" }, { "name": "FEDORA-2019-5561d20558", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "name": "109374", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109374" }, { "name": "GLSA-201908-13", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-13" }, { "name": "FEDORA-2019-2fe22a3a2c", "refsource": "FEDORA", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "openSUSE-SU-2019:2057", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ] }, "source": { "defect": [ "remote", "bullet", "graphics", "retrieved", "in", "\u0027stealth", "mode\u0027" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9849", "datePublished": "2019-07-17T11:26:03.387949Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-17T00:06:18.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7870 (GCVE-0-2017-7870)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-05 16:19
CWE
- n/a
Summary
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:29.407Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3837", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3837" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "name": "97671", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97671" }, { "name": "RHSA-2017:1975", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "name": "1039029", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1039029" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "name": "GLSA-201706-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-28" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3837", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3837" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "name": "97671", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97671" }, { "name": "RHSA-2017:1975", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "name": "1039029", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1039029" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "name": "GLSA-201706-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-28" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7870", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3837", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3837" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "name": "97671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97671" }, { "name": "RHSA-2017:1975", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "name": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722", "refsource": "MISC", "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "name": "1039029", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039029" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "name": "GLSA-201706-28", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-28" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7870", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-05T16:19:29.407Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-14226 (GCVE-0-2017-14226)
Vulnerability from cvelistv5
Published
2017-09-09 08:00
Modified
2024-09-16 19:10
CWE
- n/a
Summary
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may expose a LibreOffice application to a remote attack.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T19:20:41.263Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceforge.net/p/libwpd/tickets/14/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-09T08:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269" }, { "tags": [ "x_refsource_MISC" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sourceforge.net/p/libwpd/tickets/14/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14226", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337" }, { "name": "https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/", "refsource": "MISC", "url": "https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/" }, { "name": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/", "refsource": "MISC", "url": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/" }, { "name": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269", "refsource": "MISC", "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269" }, { "name": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9", "refsource": "MISC", "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9" }, { "name": "https://sourceforge.net/p/libwpd/tickets/14/", "refsource": "MISC", "url": "https://sourceforge.net/p/libwpd/tickets/14/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14226", "datePublished": "2017-09-09T08:00:00Z", "dateReserved": "2017-09-09T00:00:00Z", "dateUpdated": "2024-09-16T19:10:14.180Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-25636 (GCVE-0-2021-25636)
Vulnerability from cvelistv5
Published
2022-02-22 00:00
Modified
2024-08-03 20:11
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both "X509Data" and "KeyValue" children of the "KeyInfo" tag, which when opened caused LibreOffice to verify using the "KeyValue" but to report verification with the unrelated "X509Data" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5.
References
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: 7.2 < 7.2.5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.083Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/" }, { "name": "FEDORA-2022-3bbe89c20f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.2.5", "status": "affected", "version": "7.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to NDS of Ruhr University Bochum for discovering and reporting this problem." } ], "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both \"X509Data\" and \"KeyValue\" children of the \"KeyInfo\" tag, which when opened caused LibreOffice to verify using the \"KeyValue\" but to report verification with the unrelated \"X509Data\" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-26T00:00:00", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/" }, { "name": "FEDORA-2022-3bbe89c20f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Incorrect trust validation of signature with ambiguous KeyInfo children", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2021-25636", "datePublished": "2022-02-22T00:00:00", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2024-08-03T20:11:27.083Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-2665 (GCVE-0-2012-2665)
Vulnerability from cvelistv5
Published
2012-08-06 18:00
Modified
2024-08-06 19:42
CWE
- n/a
Summary
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T19:42:31.538Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077" }, { "name": "DSA-2520", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2520" }, { "name": "USN-1536-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1536-1" }, { "name": "RHSA-2012:1135", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt" }, { "name": "54769", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/54769" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/50692" }, { "name": "1027332", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027332" }, { "name": "1027331", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027331" }, { "name": "50142", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/50142" }, { "name": "USN-1537-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1537-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/" }, { "name": "50146", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/50146" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-08-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-11-06T17:57:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077" }, { "name": "DSA-2520", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2520" }, { "name": "USN-1536-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1536-1" }, { "name": "RHSA-2012:1135", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt" }, { "name": "54769", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/54769" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50692" }, { "name": "1027332", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027332" }, { "name": "1027331", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027331" }, { "name": "50142", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50142" }, { "name": "USN-1537-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": 
"http://www.ubuntu.com/usn/USN-1537-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/" }, { "name": "50146", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50146" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2665", "datePublished": "2012-08-06T18:00:00", "dateReserved": "2012-05-14T00:00:00", "dateUpdated": "2024-08-06T19:42:31.538Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3693 (GCVE-0-2014-3693)
Vulnerability from cvelistv5
Published
2014-11-07 19:00
Modified
2024-08-06 10:50
CWE
- n/a
Summary
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:18.260Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/" }, { "name": "62396", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62396" }, { "name": "71351", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/71351" }, { "name": "USN-2398-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2398-1" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "62132", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62132" }, { "name": "openSUSE-SU-2014:1412", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html" }, { "name": "62111", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/62111" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-11-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted 
request to TCP port 1599." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/" }, { "name": "62396", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62396" }, { "name": "71351", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/71351" }, { "name": "USN-2398-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2398-1" }, { "name": "RHSA-2015:0377", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "name": "62132", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62132" }, { "name": "openSUSE-SU-2014:1412", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html" }, { "name": "62111", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/62111" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3693", "datePublished": "2014-11-07T19:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:18.260Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-26306 (GCVE-0-2022-26306)
Vulnerability from cvelistv5
Published
2022-07-25 00:00
Modified
2024-08-03 05:03
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same, which weakens the security of the encryption and makes the stored passwords vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.
References
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: 7.2 < 7.2.7; Version: 7.3 < 7.3.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:31.153Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306" }, { "name": "[oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/1" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.2.7", "status": "affected", "version": "7.2", "versionType": "custom" }, { "lessThan": "7.3.1", "status": "affected", "version": "7.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security" } ], "descriptions": [ { "lang": "en", "value": "LibreOffice supports the storage of passwords for web connections in the user\u2019s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user\u0027s configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-326", "description": "CWE-326 Inadequate Encryption Strength", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-26T00:00:00", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306" }, { "name": "[oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/1" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Execution of Untrusted Macros Due to Improper Certificate Validation", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2022-26306", "datePublished": "2022-07-25T00:00:00", "dateReserved": "2022-02-28T00:00:00", "dateUpdated": "2024-08-03T05:03:31.153Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2685 (GCVE-0-2011-2685)
Vulnerability from cvelistv5
Published
2011-07-21 23:00
Modified
2024-08-06 23:08
CWE
- n/a
Summary
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:08:23.771Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2011:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "name": "[oss-security] 20110712 Re: libreoffice/openoffice.org CVE id request", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/07/12/13" }, { "name": "MDVSA-2011:172", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877" }, { "name": "VU#953183", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/953183" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d" }, { "name": "[oss-security] 20110706 libreoffice/openoffice.org CVE id request", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/07/06/13" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-06-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-11-24T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "openSUSE-SU-2011:1143", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "name": "[oss-security] 20110712 Re: libreoffice/openoffice.org CVE id request", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/07/12/13" }, { "name": "MDVSA-2011:172", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877" }, { "name": "VU#953183", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/953183" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d" }, { "name": "[oss-security] 20110706 libreoffice/openoffice.org CVE id request", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/07/06/13" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2685", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via 
a crafted .lwp file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2011:1143", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "name": "[oss-security] 20110712 Re: libreoffice/openoffice.org CVE id request", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/07/12/13" }, { "name": "MDVSA-2011:172", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "name": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877", "refsource": "MISC", "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877" }, { "name": "VU#953183", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/953183" }, { "name": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d", "refsource": "MISC", "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d" }, { "name": "[oss-security] 20110706 libreoffice/openoffice.org CVE id request", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/07/06/13" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2685", "datePublished": "2011-07-21T23:00:00", "dateReserved": "2011-07-11T00:00:00", "dateUpdated": "2024-08-06T23:08:23.771Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-2255 (GCVE-0-2023-2255)
Vulnerability from cvelistv5
Published
2023-05-25 00:00
Modified
2024-08-02 06:19
CWE
- CWE-264 - Permissions, Privileges, and Access Controls
Summary
Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice, documents that used "floating frames" linked to external files would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7.4 < 7.4.7 Version: 7.5 < 7.5.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:19:14.082Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255" }, { "name": "DSA-5415", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3526-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "name": "GLSA-202311-15", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202311-15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.4.7", "status": "affected", "version": "7.4", "versionType": "custom" }, { "lessThan": "7.5.3", "status": "affected", "version": "7.5", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Amel Bouziane-Leblond for discovering and reporting the issue" } ], "descriptions": [ { "lang": "en", "value": "Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used \"floating frames\" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-264", "description": "CWE-264 Permissions, Privileges, and Access Controls", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-11-26T09:06:16.295449", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255" }, { "name": "DSA-5415", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3526-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "name": "GLSA-202311-15", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202311-15" } ], "source": { "discovery": "EXTERNAL" }, "title": "Remote documents loaded without prompt via IFrame", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2023-2255", "datePublished": "2023-05-25T00:00:00", "dateReserved": "2023-04-24T00:00:00", "dateUpdated": "2024-08-02T06:19:14.082Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1149 (GCVE-0-2012-1149)
Vulnerability from cvelistv5
Published
2012-06-21 15:00
Modified
2024-08-06 18:45
CWE
- n/a
Summary
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.489Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html" }, { "name": "81988", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/81988" }, { "name": "MDVSA-2012:090", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "name": "DSA-2473", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2473" }, { "name": "FEDORA-2012-8114", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "name": "49140", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49140" }, { "name": "53570", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/53570" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-1149.html" }, { "name": 
"DSA-2487", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "name": "46992", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46992" }, { "name": "47244", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/47244" }, { "name": "49392", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49392" }, { "name": "49373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/49373" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/50692" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/advisories/cve-2012-1149/" }, { "name": "RHSA-2012:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "name": "FEDORA-2012-8042", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html" }, { "name": "MDVSA-2012:091", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "name": "openoffice-vclmi-bo(75692)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692" }, { "name": "1027068", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1027068" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": 
"2012-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "60799", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60799" }, { "name": "GLSA-201408-19", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "name": "GLSA-201209-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "name": "20120516 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html" }, { "name": "81988", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/81988" }, { "name": "MDVSA-2012:090", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "name": "DSA-2473", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2473" }, { "name": "FEDORA-2012-8114", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "name": "49140", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49140" }, { "name": "53570", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/53570" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-1149.html" }, { "name": "DSA-2487", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "name": "46992", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46992" }, { "name": "47244", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/47244" }, { "name": "49392", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49392" }, { "name": "49373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/49373" }, { "name": "50692", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/50692" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/advisories/cve-2012-1149/" }, { "name": "RHSA-2012:0705", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "name": "FEDORA-2012-8042", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html" }, { "name": "MDVSA-2012:091", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "name": "openoffice-vclmi-bo(75692)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692" }, { "name": "1027068", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1027068" } ] } }, "cveMetadata": { "assignerOrgId": 
"53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1149", "datePublished": "2012-06-21T15:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.489Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-10327 (GCVE-0-2016-10327)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-06 03:14
CWE
- n/a
Summary
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:14:43.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "name": "97668", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97668" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "name": "GLSA-201706-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-28" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-11-14T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "name": "97668", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97668" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "name": "GLSA-201706-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-28" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10327", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "name": "97668", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97668" }, { "name": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416", "refsource": "MISC", "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "name": "GLSA-201706-28", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-28" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10327", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-06T03:14:43.067Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-2866 (GCVE-0-2025-2866)
Vulnerability from cvelistv5
Published
2025-04-27 19:04
Modified
2025-04-28 13:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Summary
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.
In the affected versions of LibreOffice, a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid.
This issue affects LibreOffice: from 24.8 before 24.8.6, from 25.2 before 25.2.2.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 24.8 < 24.8.6 Version: 25.2 < 25.2.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-2866", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-28T13:41:33.064404Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-28T13:41:41.123Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "\u003c 24.8.6", "status": "affected", "version": "24.8", "versionType": "24.8 series" }, { "lessThan": "\u003c 25.2.2", "status": "affected", "version": "25.2", "versionType": "25.2 series" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks to Juraj \u0160arinay for discovering this issue and for providing a fix" } ], "datePublic": "2025-04-27T19:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eImproper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eIn the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis issue affects LibreOffice: from 24.8 before \u0026lt; 24.8.6, from 25.2 before \u0026lt; 25.2.2.\u003c/div\u003e" } ], "value": "Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.\n\n\n\n\nIn the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be 
accepted as valid\n\n\n\n\nThis issue affects LibreOffice: from 24.8 before \u003c 24.8.6, from 25.2 before \u003c 25.2.2." } ], "impacts": [ { "capecId": "CAPEC-475", "descriptions": [ { "lang": "en", "value": "CAPEC-475 Signature Spoofing by Improper Validation" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.4, "baseSeverity": "LOW", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-27T19:04:52.226Z", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866" } ], "source": { "discovery": "EXTERNAL" }, "title": "PDF signature forgery with adbe.pkcs7.sha1 SubFilter", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2025-2866", "datePublished": "2025-04-27T19:04:52.226Z", "dateReserved": "2025-03-27T11:22:16.241Z", "dateUpdated": "2025-04-28T13:41:41.123Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-14939 (GCVE-0-2018-14939)
Vulnerability from cvelistv5
Published
2018-08-05 18:00
Modified
2024-08-05 09:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:46:24.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "105047", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/105047" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-08-05T00:00:00", "descriptions": [ { "lang": "en", "value": "The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-10T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "105047", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/105047" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14939", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "105047", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105047" }, { "name": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514", "refsource": "MISC", "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-14939", "datePublished": "2018-08-05T18:00:00", "dateReserved": "2018-08-05T00:00:00", "dateUpdated": "2024-08-05T09:46:24.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-3140 (GCVE-0-2022-3140)
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice, links using that scheme could be constructed to call internal macros with arbitrary arguments; when clicked on, or activated by document events, such links could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7.4 < 7.4.1 Version: 7.3 < 7.3.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.521Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140" }, { "name": "DSA-5252", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5252" }, { "name": "FEDORA-2022-775c747e4a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/" }, { "name": "GLSA-202212-04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202212-04" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.4.1", "status": "affected", "version": "7.4", "versionType": "custom" }, { "lessThan": "7.3.6", "status": "affected", "version": "7.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "TheSecurityDev working with Trend Micro Zero Day Initiative" } ], "descriptions": [ { "lang": "en", "value": "LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme \u0027vnd.libreoffice.command\u0027 specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. 
This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-26T00:00:00", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140" }, { "name": "DSA-5252", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5252" }, { "name": "FEDORA-2022-775c747e4a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/" }, { "name": "GLSA-202212-04", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202212-04" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Macro URL arbitrary script execution", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2022-3140", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-09-06T00:00:00", "dateUpdated": "2024-08-03T01:00:10.521Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5214 (GCVE-0-2015-5214)
Vulnerability from cvelistv5
Published
2015-11-10 16:00
Modified
2024-08-06 06:41
CWE
- n/a
Summary
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.425Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "name": "1034086", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034086" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-11-04T00:00:00", "descriptions": [ { "lang": "en", 
"value": "LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "name": "1034086", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034086" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", 
"ID": "CVE-2015-5214", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201611-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034091" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77486" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "name": "http://www.openoffice.org/security/cves/CVE-2015-5214.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "name": "1034086", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034086" }, { "name": "GLSA-201603-05", "refsource": 
"GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3394" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5214", "datePublished": "2015-11-10T16:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.425Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0794 (GCVE-0-2016-0794)
Vulnerability from cvelistv5
Published
2016-02-18 21:00
Modified
2024-08-05 22:30
CWE
- n/a
Summary
The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:30:04.969Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:1415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "name": "openSUSE-SU-2016:1805", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro Bullet Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222" }, { "name": "FEDORA-2016-962c0d156d", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro \u0027ReadRootData\u0027 Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220" }, { "name": "1035022", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035022" }, { "name": "RHSA-2016:2579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/" }, { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro TabRack Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", 
"x_refsource_IDEFENSE", "x_transferred" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221" }, { "name": "DSA-3482", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "name": "USN-2899-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2899-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-02-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "openSUSE-SU-2016:1415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "name": "openSUSE-SU-2016:1805", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro Bullet Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222" }, { "name": "FEDORA-2016-962c0d156d", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "name": 
"20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro \u0027ReadRootData\u0027 Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220" }, { "name": "1035022", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035022" }, { "name": "RHSA-2016:2579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/" }, { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro TabRack Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221" }, { "name": "DSA-3482", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "name": "USN-2899-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2899-1" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0794", "datePublished": "2016-02-18T21:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:04.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-10583 (GCVE-0-2018-10583)
Vulnerability from cvelistv5
Published
2018-05-01 16:00
Modified
2024-08-05 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
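An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. Note: the summary does not say what is disclosed; with an automatic outbound SMB connection the exposure is typically the authentication material (e.g. an NTLM challenge response) the client sends to the remote host, so restricting outbound SMB at the network edge limits the impact.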
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:39:08.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2018-10583" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "44564", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44564/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/" }, { "name": "[openoffice-dev] 20190928 CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190929 Re: CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190930 Re: CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E" }, { "name": "20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Oct/26" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": 
"n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-05-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-21T12:06:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security-tracker.debian.org/tracker/CVE-2018-10583" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "44564", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44564/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/" }, { "name": "[openoffice-dev] 20190928 CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190929 Re: CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190930 Re: CVE-2018-10583", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": 
"https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E" }, { "name": "20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Oct/26" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10583", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://security-tracker.debian.org/tracker/CVE-2018-10583", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2018-10583" }, { "name": "RHSA-2018:3054", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "USN-3883-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "44564", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44564/" }, { "name": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/", "refsource": "MISC", "url": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/" }, { "name": "[openoffice-dev] 20190928 CVE-2018-10583", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d@%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190929 Re: CVE-2018-10583", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af@%3Cdev.openoffice.apache.org%3E" }, { "name": "[openoffice-dev] 20190930 Re: CVE-2018-10583", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909@%3Cdev.openoffice.apache.org%3E" }, { "name": "20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Oct/26" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10583", "datePublished": "2018-05-01T16:00:00", "dateReserved": "2018-05-01T00:00:00", "dateUpdated": "2024-08-05T07:39:08.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9093 (GCVE-0-2014-9093)
Vulnerability from cvelistv5
Published
2014-11-26 15:00
Modified
2024-08-06 13:33
CWE
- n/a
Summary
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:33:13.508Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20141119 CVE Request: LibreOffice -- several issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "name": "FEDORA-2014-15486", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "name": "DSA-3163", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3163" }, { "name": "[oss-security] 20141126 Re: CVE Request: LibreOffice -- several issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "name": "USN-2578-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-11-19T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-01T15:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[oss-security] 20141119 CVE Request: LibreOffice -- several issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "name": "FEDORA-2014-15486", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "name": "DSA-3163", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3163" }, { "name": "[oss-security] 20141126 Re: CVE Request: LibreOffice -- several issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "name": "USN-2578-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9093", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20141119 CVE Request: LibreOffice -- several issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "name": "https://bugs.freedesktop.org/show_bug.cgi?id=86449", "refsource": "CONFIRM", "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "name": "FEDORA-2014-15486", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "name": "DSA-3163", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3163" }, { "name": "[oss-security] 20141126 Re: CVE Request: LibreOffice -- several issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "name": "USN-2578-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "name": "GLSA-201603-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9093", "datePublished": "2014-11-26T15:00:00", "dateReserved": "2014-11-26T00:00:00", "dateUpdated": "2024-08-06T13:33:13.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12801 (GCVE-0-2020-12801)
Vulnerability from cvelistv5
Published
2020-05-18 14:20
Modified
2024-11-18 17:29
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Summary
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default to saving the document unencrypted on subsequent saves. This may lead to a user accidentally saving an MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 6-3 series < 6.3.6 Version: 6-4 series < 6.4.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:04:22.875Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" }, { "name": "openSUSE-SU-2020:0786", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-12801", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-10T15:37:49.768784Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T17:29:42.515Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "6.3.6", "status": "affected", "version": "6-3 series", "versionType": "custom" }, { "lessThan": "6.4.3", "status": "affected", "version": "6-4 series", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Tomas Florian \u003ctomas@armoreye.ca\u003e for raising awareness of the issue" } ], "datePublic": "2020-05-18T00:00:00", "descriptions": [ { "lang": "en", "value": "If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. 
If the recovery is successful, and if the file format of the recovered document was not LibreOffice\u0027s default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-311", "description": "CWE-311 Missing Encryption of Sensitive Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-31T14:06:29.477186", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" }, { "name": "openSUSE-SU-2020:0786", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2020-12801", "datePublished": "2020-05-18T14:20:08.325905Z", "dateReserved": "2020-05-12T00:00:00", "dateUpdated": "2024-11-18T17:29:42.515Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9850 (GCVE-0-2019-9850)
Vulnerability from cvelistv5
Published
2019-08-15 21:30
Modified
2024-09-16 16:47
CWE
- Insufficient url validation
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained within the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handlers. However, an insufficient URL validation vulnerability in LibreOffice allowed malicious documents to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
Impacted products
Vendor | Product | Version
---|---|---
Document Foundation | LibreOffice | Version: unspecified < 6.2.6
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:54.958Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-dd9d207c17", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": 
"LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.6", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to alex (@insertscript) for reporting this issue" } ], "datePublic": "2019-08-15T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." } ], "problemTypes": [ { "descriptions": [ { "description": "Insufficient url validation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-06T13:06:05", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-dd9d207c17", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Insufficient url validation allowing LibreLogo script execution", "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-08-15T00:00:00.000Z", "ID": "CVE-2019-9850", "STATE": "PUBLIC", "TITLE": "Insufficient url validation allowing LibreLogo 
script execution" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "6.2.6" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to alex (@insertscript) for reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." 
} ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Insufficient url validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "FEDORA-2019-dd9d207c17", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/" }, { "name": "FEDORA-2019-2fe22a3a2c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9850", "datePublished": "2019-08-15T21:30:42.285992Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T16:47:47.975Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
CVE-2021-25633 (GCVE-0-2021-25633)
Vulnerability from cvelistv5
Published
2021-10-11 16:43
Modified
2024-09-16 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: 7-0 < 7.0.6; Version: 7-1 < 7.1.2
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.676Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633" }, { "name": "DSA-4988", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4988" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.0.6", "status": "affected", "version": "7-0", "versionType": "custom" }, { "lessThan": "7.1.2", "status": "affected", "version": "7-1", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "NDS of Ruhr University Bochum" } ], "datePublic": "2021-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-17T10:06:21", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633" }, { "name": "DSA-4988", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4988" } ], "solutions": [ { "lang": "en", "value": "Update to 7.0.6 or 7.1.2 or 7.2.0" } ], "source": { "discovery": "EXTERNAL" }, "title": "Content Manipulation with Double Certificate Attack", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2021-10-11T00:00:00.000Z", "ID": "CVE-2021-25633", "STATE": "PUBLIC", "TITLE": "Content Manipulation with Double Certificate Attack" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "7-0", "version_value": "7.0.6" }, { "version_affected": "\u003c", "version_name": "7-1", "version_value": "7.1.2" } ] } } ] }, "vendor_name": "The Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "NDS of Ruhr University Bochum" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. 
This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-295 Improper Certificate Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633" }, { "name": "DSA-4988", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4988" } ] }, "solution": [ { "lang": "en", "value": "Update to 7.0.6 or 7.1.2 or 7.2.0" } ], "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2021-25633", "datePublished": "2021-10-11T16:43:34.400173Z", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2024-09-16T18:28:34.730Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-5639 (GCVE-0-2012-5639)
Vulnerability from cvelistv5
Published
2019-12-20 13:55
Modified
2025-02-13 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- UNKNOWN_TYPE
Summary
LibreOffice and OpenOffice automatically open embedded content
Impacted products
Vendor | Product | Version
---|---|---
LibreOffice; OpenOffice | LibreOffice, OpenOffice | Version: through at least 2012-12-15
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:14:16.207Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2012-5639" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/14/1" }, { "name": "Red Hat", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2012-5639" }, { "name": "[openoffice-issues] 20201025 [Issue 121493] CVE-2012-5639: Remote file inclusion by office application", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/6" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/6" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/7" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2012-5639", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T17:09:43.165391Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T17:15:01.473Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "LibreOffice, OpenOffice", "vendor": "LibreOffice; OpenOffice", "versions": [ { "status": "affected", "version": "through at least 2012-12-15" 
} ] } ], "descriptions": [ { "lang": "en", "value": "LibreOffice and OpenOffice automatically open embedded content" } ], "problemTypes": [ { "descriptions": [ { "description": "UNKNOWN_TYPE", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-04T00:06:13.395Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security-tracker.debian.org/tracker/CVE-2012-5639" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/14/1" }, { "name": "Red Hat", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/cve-2012-5639" }, { "name": "[openoffice-issues] 20201025 [Issue 121493] CVE-2012-5639: Remote file inclusion by office application", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E" }, { "url": "http://www.openwall.com/lists/oss-security/2023/12/28/6" }, { "url": "http://www.openwall.com/lists/oss-security/2024/01/03/6" }, { "url": "http://www.openwall.com/lists/oss-security/2024/01/03/7" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5639", "datePublished": "2019-12-20T13:55:44.000Z", "dateReserved": "2012-10-24T00:00:00.000Z", "dateUpdated": "2025-02-13T16:27:10.221Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-12803 (GCVE-0-2020-12803)
Vulnerability from cvelistv5
Published
2020-06-08 15:43
Modified
2024-09-16 22:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- xforms submission target on local file system allowed
Summary
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting. Prior to version 6.4.4, LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission, this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
Impacted products
Vendor | Product | Version
---|---|---
The Document Foundation | LibreOffice | Version: unspecified < 6.4.4
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:04:22.905Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803" }, { "name": "FEDORA-2020-8922773bc4", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "name": "openSUSE-SU-2020:1222", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "name": "openSUSE-SU-2020:1261", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "6.4.4", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2020-06-08T00:00:00", "descriptions": [ { "lang": "en", "value": "ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. 
User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4." } ], "problemTypes": [ { "descriptions": [ { "description": "xforms submission target on local file system allowed", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-31T14:06:33.068047", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803" }, { "name": "FEDORA-2020-8922773bc4", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "name": "openSUSE-SU-2020:1222", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "name": "openSUSE-SU-2020:1261", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "name": "[debian-lts-announce] 20231231 [SECURITY] [DLA 3703-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" } ], "source": { "discovery": "UNKNOWN" }, "title": "XForms submissions could overwrite local files", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2020-12803", "datePublished": "2020-06-08T15:43:09.400466Z", "dateReserved": "2020-05-12T00:00:00", "dateUpdated": "2024-09-16T22:25:46.168Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5213 (GCVE-0-2015-5213)
Vulnerability from cvelistv5
Published
2015-11-10 16:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.552Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-11-04T00:00:00", "descriptions": [ { "lang": "en", 
"value": "Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": 
"secalert@redhat.com", "ID": "CVE-2015-5213", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034085", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034085" }, { "name": "GLSA-201611-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034091" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77486" }, { "name": "http://www.openoffice.org/security/cves/CVE-2015-5213.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "name": 
"GLSA-201603-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3394" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5213", "datePublished": "2015-11-10T16:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.552Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-25631 (GCVE-0-2021-25631)
Vulnerability from cvelistv5
Published
2021-05-03 11:10
Modified
2024-09-16 17:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-184 - Incomplete Denylist
Summary
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.
Impacted products
Vendor | Product | Version | Platform
---|---|---|---
The Document Foundation | LibreOffice | 7.1 < 7.1.2; 7.0 < 7.0.5 | Windows
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://positive.security/blog/url-open-rce#open-libreoffice" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "platforms": [ "Windows" ], "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.1.2", "status": "affected", "version": "7.1", "versionType": "custom" }, { "lessThan": "7.0.5", "status": "affected", "version": "7.0", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Lukas Euler of Positive Security" } ], "datePublic": "2021-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn\u0027t match the denylist but results in ShellExecute attempting to launch an executable type." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-184", "description": "CWE-184 Incomplete Denylist", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-05-03T11:10:33", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://positive.security/blog/url-open-rce#open-libreoffice" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/" } ], "source": { "discovery": "UNKNOWN" }, "title": "denylist of executable filename extensions possible to bypass under windows", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2021-04-15T00:00:00.000Z", "ID": "CVE-2021-25631", "STATE": "PUBLIC", "TITLE": "denylist of executable filename extensions possible to bypass under windows" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "platform": "Windows", "version_affected": "\u003c", "version_name": "7.1", "version_value": "7.1.2" }, { "platform": "Windows", "version_affected": "\u003c", "version_name": "7.0", "version_value": "7.0.5" } ] } } ] }, "vendor_name": "The Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Lukas Euler of Positive Security" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn\u0027t match the denylist but results in ShellExecute attempting to launch an executable type." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-184 Incomplete Denylist" } ] } ] }, "references": { "reference_data": [ { "name": "https://positive.security/blog/url-open-rce#open-libreoffice", "refsource": "MISC", "url": "https://positive.security/blog/url-open-rce#open-libreoffice" }, { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2021-25631", "datePublished": "2021-05-03T11:10:33.079682Z", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2024-09-16T17:08:37.634Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5212 (GCVE-0-2015-5212)
Vulnerability from cvelistv5
Published
2015-11-10 16:00
Modified
2024-08-06 06:41
CWE
- n/a
Summary
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.426Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034085" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3394" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-11-04T00:00:00", "descriptions": [ { "lang": "en", 
"value": "Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting \"Load printer settings with the document\" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1034085", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034085" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034091" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77486" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": 
"http://www.debian.org/security/2015/dsa-3394" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-5212", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting \"Load printer settings with the document\" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034085", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034085" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "name": "GLSA-201611-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1034091", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034091" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "RHSA-2015:2619", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "name": "USN-2793-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "name": "77486", "refsource": "BID", "url": 
"http://www.securityfocus.com/bid/77486" }, { "name": "http://www.openoffice.org/security/cves/CVE-2015-5212.html", "refsource": "CONFIRM", "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "name": "GLSA-201603-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "DSA-3394", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3394" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5212", "datePublished": "2015-11-10T16:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.426Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-4233 (GCVE-0-2012-4233)
Vulnerability from cvelistv5
Published
2012-11-19 11:00
Modified
2024-08-06 20:28
CWE
- n/a
Summary
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T20:28:07.587Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "name": "libreoffice-svxcorelo-dos(79730)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "name": "openSUSE-SU-2012:1686", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "name": "libreoffice-ppt-file-dos(79731)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "name": "[oss-security] 20121102 Re: CVE-2012-4233: multiple null pointer dereference flaws in LibreOffice/OpenOffice.org", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "name": "libreoffice-odt-dos(79728)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "name": "libreoffice-xls-dos(79732)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "name": "56352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/56352" }, { "name": "DSA-2570", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2570" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "name": "openSUSE-SU-2012:1523", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.htbridge.com/advisory/HTB23106" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "name": "libreoffice-svxcorelo-dos(79730)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "name": "openSUSE-SU-2012:1686", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "name": "libreoffice-ppt-file-dos(79731)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "name": "[oss-security] 20121102 Re: CVE-2012-4233: multiple null pointer dereference flaws in LibreOffice/OpenOffice.org", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "name": "libreoffice-odt-dos(79728)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "name": "libreoffice-xls-dos(79732)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "name": "56352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": 
"http://www.securityfocus.com/bid/56352" }, { "name": "DSA-2570", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2570" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "name": "openSUSE-SU-2012:1523", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.htbridge.com/advisory/HTB23106" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4233", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69", "refsource": "CONFIRM", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "name": "libreoffice-svxcorelo-dos(79730)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "name": "openSUSE-SU-2012:1686", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "name": "libreoffice-ppt-file-dos(79731)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "name": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97", "refsource": "CONFIRM", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "name": "[oss-security] 20121102 Re: CVE-2012-4233: multiple null pointer dereference flaws in LibreOffice/OpenOffice.org", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "name": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b", "refsource": "CONFIRM", "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "name": "libreoffice-odt-dos(79728)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "name": "http://www.libreoffice.org/advisories/cve-2012-4233/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "name": "libreoffice-xls-dos(79732)", "refsource": "XF", 
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "name": "56352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56352" }, { "name": "DSA-2570", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2570" }, { "name": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7", "refsource": "CONFIRM", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "name": "openSUSE-SU-2012:1523", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "name": "https://www.htbridge.com/advisory/HTB23106", "refsource": "MISC", "url": "https://www.htbridge.com/advisory/HTB23106" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4233", "datePublished": "2012-11-19T11:00:00", "dateReserved": "2012-08-09T00:00:00", "dateUpdated": "2024-08-06T20:28:07.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0795 (GCVE-0-2016-0795)
Vulnerability from cvelistv5
Published
2016-02-18 21:00
Modified
2024-08-05 22:30
CWE
- n/a
Summary
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:30:05.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro \u0027TocSuperLayout\u0027 Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/" }, { "name": "openSUSE-SU-2016:1415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "name": "openSUSE-SU-2016:1805", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "name": "FEDORA-2016-962c0d156d", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "name": "1035022", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035022" }, { "name": "RHSA-2016:2579", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "name": "DSA-3482", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "name": "USN-2899-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2899-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": 
"2016-02-16T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "20160217 Multiple Vendor LibreOffice Writer Lotus Word Pro \u0027TocSuperLayout\u0027 Buffer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/" }, { "name": "openSUSE-SU-2016:1415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "name": "openSUSE-SU-2016:1805", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "name": "FEDORA-2016-962c0d156d", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "name": "1035022", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035022" }, { "name": "RHSA-2016:2579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "name": "DSA-3482", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "name": "USN-2899-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": 
"http://www.ubuntu.com/usn/USN-2899-1" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0795", "datePublished": "2016-02-18T21:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:05.067Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3524 (GCVE-0-2014-3524)
Vulnerability from cvelistv5
Published
2014-08-26 14:00
Modified
2024-08-06 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:50:16.810Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "69351", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/69351" }, { "name": "60235", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/60235" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "name": "20140821 CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded" }, { "name": "apache-openoffice-cve20143524-command-exec(95421)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421" }, { "name": "1030755", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1030755" }, { "name": "59877", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59877" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "59600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/59600" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-08-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache OpenOffice 
before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "69351", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/69351" }, { "name": "60235", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/60235" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "name": "20140821 CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded" }, { "name": "apache-openoffice-cve20143524-command-exec(95421)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421" }, { "name": "1030755", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1030755" }, { "name": "59877", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59877" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html" }, { "name": "GLSA-201603-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "name": "59600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/59600" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3524", "datePublished": "2014-08-26T14:00:00", "dateReserved": "2014-05-14T00:00:00", 
"dateUpdated": "2024-08-06T10:50:16.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-1183 (GCVE-0-2023-1183)
Vulnerability from cvelistv5
Published
2023-07-10 15:04
Modified
2025-02-13 16:39
CWE
- CWE-20 - Improper Input Validation
Summary
A flaw was found in the LibreOffice package. An attacker can craft an ODB file containing a "database/script" file with a SCRIPT command that causes the contents of the file to be written to a new file whose location is determined by the attacker.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
► | n/a | libreoffice | |||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:40:58.213Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1183" }, { "name": "RHBZ#2208506", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506" }, { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libreoffice", "vendor": "n/a", "versions": [ { "status": "unaffected", "version": "7.4.6" }, { "status": "unaffected", "version": "7.5.1" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "libreoffice", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "affected", "packageName": "libreoffice", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "libreoffice", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "libreoffice", "product": "Red Hat Enterprise Linux 9", 
"vendor": "Red Hat" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "libreoffice", "product": "Fedora", "vendor": "Fedora" } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Gregor Kopf (Secfault Security GmbH) for reporting this issue." } ], "datePublic": "2023-06-19T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Libreoffice package. An attacker can craft an odb containing a \"database/script\" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-03T12:06:19.907Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1183" }, { "name": "RHBZ#2208506", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506" }, { "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/" }, { "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4" }, { "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4" } ], 
"timeline": [ { "lang": "en", "time": "2023-05-19T00:00:00Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-06-19T00:00:00Z", "value": "Made public." } ], "title": "Arbitrary file write", "x_redhatCweChain": "CWE-20: Improper Input Validation" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-1183", "datePublished": "2023-07-10T15:04:30.740Z", "dateReserved": "2023-03-06T04:37:10.705Z", "dateUpdated": "2025-02-13T16:39:16.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-6871 (GCVE-0-2018-6871)
Vulnerability from cvelistv5
Published
2018-02-09 06:00
Modified
2024-08-05 06:17
CWE
- n/a
Summary
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:17:16.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "44022", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44022/" }, { "name": "USN-3579-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3579-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" }, { "name": "RHSA-2018:0517", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a" }, { "name": "RHSA-2018:0418", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/" }, { "name": "DSA-4111", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4111" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-02-09T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-03-17T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "44022", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44022/" }, { "name": "USN-3579-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3579-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" }, { "name": "RHSA-2018:0517", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a" }, { "name": "RHSA-2018:0418", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/" }, { "name": "DSA-4111", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4111" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6871", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "44022", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44022/" }, { "name": "USN-3579-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3579-1/" }, { "name": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure", "refsource": "MISC", "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" }, { "name": "RHSA-2018:0517", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "name": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a", "refsource": "CONFIRM", "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a" }, { "name": "RHSA-2018:0418", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/" }, { "name": "DSA-4111", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4111" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-6871", "datePublished": "2018-02-09T06:00:00", "dateReserved": "2018-02-09T00:00:00", "dateUpdated": "2024-08-05T06:17:16.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-18688 (GCVE-0-2018-18688)
Vulnerability from cvelistv5
Published
2021-01-07 17:38
Modified
2024-08-05 11:16
CWE
- n/a
Summary
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:16:00.425Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.foxitsoftware.com/support/security-bulletins.php" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://pdf-insecurity.org/signature/evaluation_2018.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://pdf-insecurity.org/signature/signature.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-07T17:51:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.foxitsoftware.com/support/security-bulletins.php" }, { "tags": [ "x_refsource_MISC" ], "url": "https://pdf-insecurity.org/signature/evaluation_2018.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://pdf-insecurity.org/signature/signature.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-18688", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.foxitsoftware.com/support/security-bulletins.php", "refsource": "CONFIRM", "url": "https://www.foxitsoftware.com/support/security-bulletins.php" }, { "name": "https://pdf-insecurity.org/signature/evaluation_2018.html", "refsource": "MISC", "url": "https://pdf-insecurity.org/signature/evaluation_2018.html" }, { "name": "https://pdf-insecurity.org/signature/signature.html", "refsource": "MISC", "url": "https://pdf-insecurity.org/signature/signature.html" }, { "name": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/", "refsource": "MISC", "url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-18688", "datePublished": "2021-01-07T17:38:45", "dateReserved": "2018-10-26T00:00:00", "dateUpdated": "2024-08-05T11:16:00.425Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9851 (GCVE-0-2019-9851)
Vulnerability from cvelistv5
Published
2019-08-15 21:35
Modified
2024-09-16 22:03
CWE
- arbitrary script execution
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary Python commands contained within the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handlers, e.g. mouse over. However, LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Document Foundation | LibreOffice |
Version: unspecified < 6.2.6 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:55.130Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.6", "status": 
"affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Gabriel Masei of 1\u00261 for discovering and reporting this issue" } ], "datePublic": "2019-08-15T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." } ], "problemTypes": [ { "descriptions": [ { "description": "arbitrary script execution", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-06T13:06:06", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html" }, { "name": "FEDORA-2019-2fe22a3a2c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "LibreLogo global-event script execution", "x_generator": { "engine": "Vulnogram 0.0.7" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-08-15T00:00:00.000Z", "ID": "CVE-2019-9851", "STATE": "PUBLIC", "TITLE": "LibreLogo global-event script execution" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { 
"version_data": [ { "version_affected": "\u003c", "version_value": "6.2.6" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to Gabriel Masei of 1\u00261 for discovering and reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." 
} ] }, "generator": { "engine": "Vulnogram 0.0.7" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "arbitrary script execution" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851" }, { "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "name": "DSA-4501", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4501" }, { "name": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html" }, { "name": "FEDORA-2019-2fe22a3a2c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "name": "USN-4102-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4102-1/" }, { "name": "openSUSE-SU-2019:2057", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "name": "openSUSE-SU-2019:2183", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9851", "datePublished": "2019-08-15T21:35:46.759573Z", "dateReserved": "2019-03-17T00:00:00", "dateUpdated": "2024-09-16T22:03:31.541Z", "state": "PUBLISHED" }, 
"dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-26307 (GCVE-0-2022-26307)
Vulnerability from cvelistv5
Published
2022-07-25 00:00
Modified
2024-08-03 05:03
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the master key was poorly encoded, weakening its entropy from 128 to 43 bits and making the stored passwords vulnerable to a brute-force attack if an attacker has access to the user’s stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7.2 < 7.2.7 Version: 7.3 < 7.3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:03:31.842Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307" }, { "name": "[oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/2" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.2.7", "status": "affected", "version": "7.2", "versionType": "custom" }, { "lessThan": "7.3.3", "status": "affected", "version": "7.3", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "OpenSource Security GmbH on behalf of the German Federal Office for Information Security" } ], "descriptions": [ { "lang": "en", "value": "LibreOffice supports the storage of passwords for web connections in the user\u2019s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-326", "description": "CWE-326 Inadequate Encryption Strength", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-26T00:00:00", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." }, "references": [ { "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307" }, { "name": "[oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/2" }, { "name": "[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Weak Master Keys", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2022-26307", "datePublished": "2022-07-25T00:00:00", "dateReserved": "2022-02-28T00:00:00", "dateUpdated": "2024-08-03T05:03:31.842Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-25634 (GCVE-0-2021-25634)
Vulnerability from cvelistv5
Published
2021-10-12 13:33
Modified
2024-09-17 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-295 - Improper Certificate Validation
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
The Document Foundation | LibreOffice |
Version: 7-0 < 7.0.6 Version: 7-1 < 7.1.2 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:11:27.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634" }, { "name": "DSA-4988", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4988" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "The Document Foundation", "versions": [ { "lessThan": "7.0.6", "status": "affected", "version": "7-0", "versionType": "custom" }, { "lessThan": "7.1.2", "status": "affected", "version": "7-1", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "NDS of Ruhr University Bochum" } ], "datePublic": "2021-10-11T00:00:00", "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295 Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-17T10:06:24", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634" }, { "name": "DSA-4988", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4988" } ], "solutions": [ { "lang": "en", "value": "Update to 7.0.6 or 7.1.2 or 7.2.0" } ], "source": { "discovery": "EXTERNAL" }, "title": "Timestamp Manipulation with Signature Wrapping", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2021-10-11T00:00:00.000Z", "ID": "CVE-2021-25634", "STATE": "PUBLIC", "TITLE": "Timestamp Manipulation with Signature Wrapping" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "7-0", "version_value": "7.0.6" }, { "version_affected": "\u003c", "version_name": "7-1", "version_value": "7.1.2" } ] } } ] }, "vendor_name": "The Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "NDS of Ruhr University Bochum" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-295 Improper Certificate Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634" }, { "name": "DSA-4988", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4988" } ] }, "solution": [ { "lang": "en", "value": "Update to 7.0.6 or 7.1.2 or 7.2.0" } ], "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2021-25634", "datePublished": "2021-10-12T13:33:54.266254Z", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2024-09-17T00:46:33.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-10120 (GCVE-0-2018-10120)
Vulnerability from cvelistv5
Published
2018-04-15 16:00
Modified
2024-08-05 07:32
CWE
- n/a
Summary
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:32:01.283Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/49499/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/49486/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gerrit.libreoffice.org/#/c/49500/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-04-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a 
customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-02-07T10:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/49499/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/49486/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667" }, { "name": "RHSA-2018:3054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "name": "USN-3883-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gerrit.libreoffice.org/#/c/49500/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10120", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ 
{ "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://gerrit.libreoffice.org/#/c/49499/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/49499/" }, { "name": "https://gerrit.libreoffice.org/#/c/49486/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/49486/" }, { "name": "https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git;a=commit;h=017fcc2fcd00af17a97bd5463d89662404f57667" }, { "name": "RHSA-2018:3054", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "name": "DSA-4178", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4178" }, { "name": "USN-3883-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3883-1/" }, { "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1356-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "name": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/", "refsource": "MISC", "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/" }, { "name": 
"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173" }, { "name": "https://gerrit.libreoffice.org/#/c/49500/", "refsource": "MISC", "url": "https://gerrit.libreoffice.org/#/c/49500/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10120", "datePublished": "2018-04-15T16:00:00", "dateReserved": "2018-04-15T00:00:00", "dateUpdated": "2024-08-05T07:32:01.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-4324 (GCVE-0-2016-4324)
Vulnerability from cvelistv5
Published
2016-07-08 19:00
Modified
2024-08-06 00:25
CWE
- n/a
Summary
Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:25:14.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3608", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3608" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1036209", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036209" }, { "name": "91499", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "name": "USN-3022-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "DSA-3608", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3608" }, { "name": "GLSA-201611-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1036209", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036209" }, { "name": "91499", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "name": "USN-3022-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-4324", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3608", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3608" }, { "name": "GLSA-201611-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-03" }, { "name": "1036209", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036209" }, { "name": "91499", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91499" }, { "name": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/", "refsource": "CONFIRM", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "name": "USN-3022-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0126/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-4324", "datePublished": "2016-07-08T19:00:00", "dateReserved": "2016-04-27T00:00:00", "dateUpdated": "2024-08-06T00:25:14.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-9853 (GCVE-0-2019-9853)
Vulnerability from cvelistv5
Published
2019-09-27 15:07
Modified
2024-09-16 17:17
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Summary
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings; typically, execution of macros is blocked by default. A URL decoding flaw existed in how the URLs to the macros within the document were processed and categorized, making it possible to construct a document in which macro execution bypassed the security settings. Such documents were correctly detected as containing macros, and the user was alerted to their presence, but the macros were subsequently not controlled by the security settings, allowing arbitrary macro execution. This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
References
Impacted products
Vendor | Product | Version
---|---|---
Document Foundation | LibreOffice | Version: 6.2 series < 6.2.7; Version: 6.3 series < 6.3.1
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:01:54.937Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "FEDORA-2019-4b0cc75996", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "name": "[openoffice-commits] 20191016 svn commit: r1051583 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn commit: r1868517 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870322 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", 
"tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053264 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053267 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870324 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870337 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053270 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": 
"https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053271 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870336 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "openSUSE-SU-2019:2709", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "name": "20200220 Open-Xchange Security Advisory 2020-02-19", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "LibreOffice", "vendor": "Document Foundation", "versions": [ { "lessThan": "6.2.7", "status": "affected", "version": "6.2 series", "versionType": "custom" }, { "lessThan": "6.3.1", "status": "affected", "version": "6.3 series", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "datePublic": "2019-09-27T00:00:00", "descriptions": [ { 
"lang": "en", "value": "LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-02-21T17:06:02", "orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "shortName": "Document Fdn." 
}, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "FEDORA-2019-4b0cc75996", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "name": "[openoffice-commits] 20191016 svn commit: r1051583 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn commit: r1868517 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870322 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053264 - in 
/websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053267 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870324 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870337 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053270 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053271 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": 
"https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870336 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "name": "openSUSE-SU-2019:2709", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "name": "20200220 Open-Xchange Security Advisory 2020-02-19", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" } ], "source": { "discovery": "EXTERNAL" }, "title": "Insufficient URL decoding flaw in categorizing macro location", "x_generator": { "engine": "Vulnogram 0.0.8" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@documentfoundation.org", "DATE_PUBLIC": "2019-09-27T00:00:00.000Z", "ID": "CVE-2019-9853", "STATE": "PUBLIC", "TITLE": "Insufficient URL decoding flaw in categorizing macro location" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LibreOffice", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "6.2 series", "version_value": "6.2.7" }, { "version_affected": "\u003c", "version_name": "6.3 series", "version_value": "6.3.1" } ] } } ] }, "vendor_name": "Document Foundation" } ] } }, "credit": [ { "lang": "eng", "value": "Thanks to Nils Emmerich of ERNW Research GmbH for discovering and reporting this issue" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { 
"description_data": [ { "lang": "eng", "value": "LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1." } ] }, "generator": { "engine": "Vulnogram 0.0.8" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-116 Improper Encoding or Escaping of Output" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/", "refsource": "CONFIRM", "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "name": "[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "name": "FEDORA-2019-4b0cc75996", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "name": "[openoffice-commits] 20191016 svn commit: r1051583 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn 
commit: r1868517 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191016 svn commit: r1868522 - /openoffice/ooo-site/trunk/content/security/bulletin.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870322 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053264 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053267 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870324 - /openoffice/ooo-site/trunk/content/security/cves/CVE-2019-9853.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870337 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "refsource": "MLIST", "url": 
"https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053270 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1053271 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2019-9853.html content/security/cves/CVE-XXXX-YYYY.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e@%3Ccommits.openoffice.apache.org%3E" }, { "name": "[openoffice-commits] 20191124 svn commit: r1870336 - in /openoffice/ooo-site/trunk/content/security/cves: CVE-2019-9853.html CVE-XXXX-YYYY.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631@%3Ccommits.openoffice.apache.org%3E" }, { "name": "openSUSE-SU-2019:2709", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "name": "20200220 Open-Xchange Security Advisory 2020-02-19", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "name": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2", "assignerShortName": "Document Fdn.", "cveId": "CVE-2019-9853", "datePublished": "2019-09-27T15:07:40.492574Z", "dateReserved": 
"2019-03-17T00:00:00", "dateUpdated": "2024-09-16T17:17:42.379Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2019-05-09 14:29
Modified
2024-11-21 04:52
Summary
A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target user's file system. If the hyperlink is activated by the victim, the executable target is unconditionally launched. Under Windows and macOS, when processing a hyperlink target explicitly activated by the user, no check was made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
apple | macos | - | |
microsoft | windows | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3D9E578-3978-480C-86A1-481DC63189BA", "versionEndExcluding": "6.1.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0B9D79E-E802-41EE-91BE-4B5467012461", "versionEndExcluding": "6.2.3", "versionStartIncluding": "6.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3." }, { "lang": "es", "value": "Una vulnerabilidad en el procesamiento de hiperv\u00ednculos de LibreOffice permite a un atacante construir documentos que contengan hiperv\u00ednculos que apunten a la ubicaci\u00f3n de un ejecutable en el sistema de archivos de los usuarios victimas. Si la v\u00edctima activa el hiperv\u00ednculo, el objetivo ejecutable se inicia incondicionalmente. 
En Windows y macOS, al procesar un objetivo de hiperv\u00ednculo activado expl\u00edcitamente por el usuario, no se emiti\u00f3 un juicio sobre si el objetivo era un archivo ejecutable, por lo que dichos objetivos ejecutables fueron iniciados incondicionalmente. Este problema afecta: todas las versiones de Windows y macOS de LibreOffice versiones anteriores a 6.1.6; LibreOffice versiones de Windows y macOS en la serie 6.2 anterior a 6.2.3." } ], "id": "CVE-2019-9847", "lastModified": "2024-11-21T04:52:25.800", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-09T14:29:00.697", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/" } ], "sourceIdentifier": 
"security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-27 16:15
Modified
2024-11-21 04:52
Summary
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings; typically, execution of macros is blocked by default. A URL decoding flaw existed in how the URLs to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and the user was prompted about their existence within the documents, but macros within the document were subsequently not controlled by the security settings, allowing arbitrary macro execution. This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
Note: the CPE match criteria in the NVD record below give versionEndExcluding 6.2.6 for the 6.2 series, which does not agree with the "prior to 6.2.7" boundary stated in this description; when checking whether a 6.2.6 installation is exposed, confirm the fixed version against the vendor advisory rather than relying on the CPE range alone.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html | ||
security@documentfoundation.org | http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html | ||
security@documentfoundation.org | http://seclists.org/fulldisclosure/2020/Feb/23 | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E | ||
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/ | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Feb/23 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "B457A16E-A471-45EE-8D1B-BF4427F1E04E", "versionEndExcluding": "6.2.6", "versionStartIncluding": "6.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F9A03CA-E4B2-4935-9E97-A5772DC4DE93", "versionEndExcluding": "6.3.1", "versionStartIncluding": "6.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1." }, { "lang": "es", "value": "Los documentos de LibreOffice pueden contener macros. La ejecuci\u00f3n de esas macros est\u00e1 controlada por la configuraci\u00f3n de seguridad del documento, por lo general, la ejecuci\u00f3n de las macros est\u00e1 bloqueada por defecto. Exist\u00eda un defecto de decodificaci\u00f3n de URL en c\u00f3mo se procesaban y clasificaban las URL de las macros dentro del documento, resultando en la posibilidad de construir un documento donde la ejecuci\u00f3n de macros omitiera la configuraci\u00f3n de seguridad. 
Los documentos fueron detectados correctamente como que conten\u00edan macros e incitaron al usuario a su existencia dentro de los documentos, pero las macros dentro del documento no fueron controladas posteriormente por la configuraci\u00f3n de seguridad lo que permit\u00eda la ejecuci\u00f3n arbitraria de macros. Este problema afecta a: LibreOffice serie 6.2 versiones anteriores a 6.2.7 ; LibreOffice serie 6.3 versiones anteriores a 6.3.1." } ], "id": "CVE-2019-9853", "lastModified": "2024-11-21T04:52:26.557", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-27T16:15:11.013", "references": [ { "source": "security@documentfoundation.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "source": "security@documentfoundation.org", "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" }, { "source": "security@documentfoundation.org", "url": 
"http://seclists.org/fulldisclosure/2020/Feb/23" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "source": 
"security@documentfoundation.org", "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-116" } ], "source": 
"security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-116" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-08-15 22:15
Modified
2024-11-21 04:52
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary Python commands contained within the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handlers. However, an insufficient URL validation vulnerability in LibreOffice allowed a malicious document to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/ | ||
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "32F74064-7FE4-4BB6-86BB-83AE52D38E87", "versionEndExcluding": "6.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary 
python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." }, { "lang": "es", "value": "LibreOffice est\u00e1 com\u00fanmente incorporada con LibreLogo, un script de gr\u00e1ficos vectoriales turtle programables, lo que puede ejecutar comandos arbitrarios de python contenidos con el documento desde que se inicia. LibreOffice tambi\u00e9n presenta una funcionalidad en la que los documentos pueden especificar que los scripts preinstalados pueden ser ejecutados en varios eventos de scripts de documentos, como mouse-over, etc. Se agreg\u00f3 protecci\u00f3n, para abordar el CVE-2019-9848, para bloquear las llamadas a LibreLogo desde los controladores de eventos de scripts . Sin embargo, una vulnerabilidad de validaci\u00f3n de URL insuficiente en LibreOffice permiti\u00f3 a malintencionados omitir esa protecci\u00f3n y volver a activar la llamada a LibreLogo desde los manejadores de eventos de script. Este problema afecta: Document Foundation LibreOffice versiones anteriores a 6.2.6." 
} ], "id": "CVE-2019-9850", "lastModified": "2024-11-21T04:52:26.163", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-15T22:15:22.227", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "security@documentfoundation.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-04-16 09:58
Modified
2024-11-21 03:40
Severity ?
Summary
The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173 | Third Party Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/49486/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/49499/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/49500/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667 | ||
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html | Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
cve@mitre.org | https://www.debian.org/security/2018/dsa-4178 | Third Party Advisory | |
cve@mitre.org | https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/49486/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/49499/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/49500/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4178 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "E81C03A2-5692-47AF-9BBF-8F34EDF6CF12", "versionEndExcluding": "5.4.6.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "55E86F1F-BDF9-4F93-BE8E-1E705092E8B5", "versionEndExcluding": "6.0.2.1", "versionStartIncluding": "6.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The 
SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record." }, { "lang": "es", "value": "La funci\u00f3n SwCTBWrapper::Read en sw/source/filter/ww8/ww8toolbar.cxx en LibreOffice, en versiones anteriores a la 5.4.6.1 y versiones 6.x anteriores a la 6.0.2.1, no valida un \u00edndice de personalizaciones. Esto permite que los atacantes remotos provoquen una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica o heap con acceso de escritura) o cualquier otro tipo de impacto sin especificar mediante un documento manipulado que contiene un registro de Microsoft Word determinado." } ], "id": "CVE-2018-10120", "lastModified": "2024-11-21T03:40:52.343", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, 
"exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-16T09:58:10.557", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/49486/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/49499/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/49500/" }, { "source": "cve@mitre.org", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6173" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/49486/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], 
"url": "https://gerrit.libreoffice.org/#/c/49499/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/49500/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=017fcc2fcd00af17a97bd5463d89662404f57667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-129" }, { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-10 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-2619.html | ||
secalert@redhat.com | http://www.debian.org/security/2015/dsa-3394 | ||
secalert@redhat.com | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ | Vendor Advisory | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2015-5213.html | Vendor Advisory | |
secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/77486 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1034085 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1034091 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2793-1 | ||
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | ||
secalert@redhat.com | https://security.gentoo.org/glsa/201611-03 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2619.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3394 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2015-5213.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/77486 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034085 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034091 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2793-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201611-03 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
apache | openoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6A0B8F-8A90-4D67-A078-B8D8A84F4A69", "versionEndIncluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "038CCC30-52CD-40B3-A24C-B6DB1F5C13F1", "versionEndIncluding": "4.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow." 
}, { "lang": "es", "value": "Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo DOC extenso, lo que desencadena un desbordamiento de buffer." } ], "id": "CVE-2015-5213", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-10T17:59:03.227", "references": [ { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/77486" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1034085" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1034091" }, { 
"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201611-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/77486" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201611-03" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-11-07 19:55
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html | Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/62111 | ||
secalert@redhat.com | http://secunia.com/advisories/62132 | ||
secalert@redhat.com | http://secunia.com/advisories/62396 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/71351 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2398-1 | Patch, Third Party Advisory | |
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | ||
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62111 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62132 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62396 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71351 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2398-1 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
libreoffice | libreoffice | 4.0.0 | |
libreoffice | libreoffice | 4.0.1 | |
libreoffice | libreoffice | 4.0.2 | |
libreoffice | libreoffice | 4.0.3 | |
libreoffice | libreoffice | 4.0.3.3 | |
libreoffice | libreoffice | 4.0.4.2 | |
libreoffice | libreoffice | 4.1.0 | |
libreoffice | libreoffice | 4.1.1 | |
libreoffice | libreoffice | 4.1.2 | |
libreoffice | libreoffice | 4.1.3 | |
libreoffice | libreoffice | 4.1.4 | |
libreoffice | libreoffice | 4.2.0 | |
libreoffice | libreoffice | 4.2.1 | |
libreoffice | libreoffice | 4.2.2 | |
libreoffice | libreoffice | 4.2.3 | |
libreoffice | libreoffice | 4.2.4 | |
libreoffice | libreoffice | 4.2.5 | |
libreoffice | libreoffice | 4.2.6 | |
libreoffice | libreoffice | 4.3.0 | |
libreoffice | libreoffice | 4.3.1 | |
libreoffice | libreoffice | 4.3.2 | |
opensuse | opensuse | 13.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9107E38E-E815-4B0D-A4B2-14D4E046D8C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C783766-1340-4AEB-9822-EA175763A54D", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "56B6659D-C29A-4F1D-B1D4-3DD439D8AFA9", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "86953074-1B45-40A8-99F8-281B5666D1A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F60E30C7-DA1F-40BC-BF41-1D4A7C298ECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8B8D6B9A-0FCC-4AAD-9AB9-0E51DCC7280B", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"5FA4F905-2CD3-4DC7-A448-686C8C66EB2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D49E9AE-8A66-44E8-9ED9-86AED2236B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "DDC93FD4-C720-4018-9AEF-496EFF718257", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "5B760AC5-EB16-4FD1-8099-50A4C12B6D06", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65E02231-DACA-4750-BFAB-680A529F7B5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1F7DC987-8802-4B00-804B-50AA41A6D1FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9BE7094-E163-49D0-BC53-1B706C96B73F", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "49AA7F09-9550-495E-B325-DBC5EB5E4FC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2C8FD3B3-9C32-4177-AC13-B74E0D553F00", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "868731BE-8CD3-4C18-80E3-753A95187B6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "978F7E8B-0224-43DC-8818-4BE298E45D16", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "4F263182-1B6D-4CB8-BB62-91A52C926E91", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C8BCD6C8-8FCD-4FBC-806B-21A96E2FC5A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"0D1551AC-D6AB-4FCF-B097-76F98F7D8B56", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7A184C9-F26A-4A5C-9834-6639D6D19B53", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en el gestor del socket de Impress Remote en LibreOffice 4.x anterior a 4.2.7 y 4.3.x anterior a 4.3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada al puerto TCP 1599." 
} ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e", "id": "CVE-2014-3693", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-11-07T19:55:03.340", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/62111" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/62132" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/62396" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/71351" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2398-1" }, { "source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62396" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/71351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2398-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-07-25 15:15
Modified
2024-11-21 06:53
Severity ?
Summary
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the master key was poorly encoded, weakening its entropy from 128 to 43 bits and making the stored passwords vulnerable to a brute force attack if an attacker has access to the user’s stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://www.openwall.com/lists/oss-security/2022/08/13/2 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/08/13/2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "20BCBB73-64D6-44F0-8B7F-F94269E9EEDA", "versionEndExcluding": "7.2.7", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1452E9B-C09C-4BF4-AE1F-C3AF6698BC33", "versionEndExcluding": "7.3.3", "versionStartIncluding": "7.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports the storage of passwords for web connections in the user\u2019s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3." }, { "lang": "es", "value": "LibreOffice admite el almacenamiento de contrase\u00f1as para conexiones web en la base de datos de configuraci\u00f3n del usuario. Las contrase\u00f1as almacenadas son cifradas con una \u00fanica clave maestra proporcionada por el usuario. Se presentaba un fallo en LibreOffice en el que la clave maestra estaba codificada inapropiadamente resultando en un debilitamiento de su entrop\u00eda de 128 a 43 bits haciendo que las contrase\u00f1as almacenadas sean vulnerables a un ataque de fuerza bruta si un atacante presenta acceso a la configuraci\u00f3n almacenada del usuario. 
Este problema afecta a: The Document Foundation LibreOffice versiones 7.2 anteriores a 7.2.7; versiones 7.3 anteriores a 7.3.3" } ], "id": "CVE-2022-26307", "lastModified": "2024-11-21T06:53:43.663", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-07-25T15:15:09.410", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/2" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-326" } ], "source": "security@documentfoundation.org", "type": 
"Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-10-11 17:15
Modified
2024-11-21 05:55
Severity ?
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://www.debian.org/security/2021/dsa-4988 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4988 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 11.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CF22E51-8E68-4B58-8AB3-D326C1097E3E", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA884385-2527-4F68-9FD5-67ECD9A89F42", "versionEndExcluding": "7.1.2", "versionStartIncluding": "7.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." }, { "lang": "es", "value": "LibreOffice soporta firmas digitales de documentos ODF y macros dentro de documentos, presentando ayudas visuales de que no se ha producido ninguna alteraci\u00f3n del documento desde la \u00faltima firma y que la firma es v\u00e1lida. 
Una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Certificados en LibreOffice permit\u00eda a un atacante crear un documento ODF firmado digitalmente, al manipular el flujo documentsignatures.xml o macrosignatures.xml dentro del documento para combinar m\u00faltiples datos de certificados, que cuando se abr\u00eda causaba que LibreOffice mostrara un indicador firmado v\u00e1lidamente pero cuyo contenido no estaba relacionado con la firma mostrada. Este problema afecta a: versiones de LibreOffice 7-0 de The Document Foundation anteriores a la 7.0.6; versiones 7-1 anteriores a 7.1.2" } ], "id": "CVE-2021-25633", "lastModified": "2024-11-21T05:55:11.100", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-10-11T17:15:07.590", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4988" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], 
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4988" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-10 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-2619.html | ||
secalert@redhat.com | http://www.debian.org/security/2015/dsa-3394 | ||
secalert@redhat.com | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ | Vendor Advisory | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2015-5214.html | Vendor Advisory | |
secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/77486 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1034086 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1034091 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2793-1 | ||
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | ||
secalert@redhat.com | https://security.gentoo.org/glsa/201611-03 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2619.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3394 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2015-5214.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/77486 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034086 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034091 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2793-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201611-03 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
libreoffice | libreoffice | * | |
apache | openoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DD3F6FA-8E9B-437F-BD4D-F5BE2E0FEC4D", "versionEndIncluding": "4.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6A0B8F-8A90-4D67-A078-B8D8A84F4A69", "versionEndIncluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file." 
}, { "lang": "es", "value": "LibreOffice en versiones anteriores a 4.4.6 y 5.x en versiones anteriores a 5.0.1 y Apache OpenOffice en versiones anteriores a 4.1.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un \u00edndice a un marcador inexistente en un documento DOC." } ], "id": "CVE-2015-5214", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-10T17:59:04.210", "references": [ { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/77486" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1034086" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1034091" }, { "source": 
"secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201611-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/77486" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201611-03" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-17 12:15
Modified
2024-11-21 04:52
Severity ?
Summary
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://www.securityfocus.com/bid/109374 | Broken Link | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/ | ||
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://security.gentoo.org/glsa/201908-13 | Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4063-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109374 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-13 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4063-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
debian | debian_linux | 8.0 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA10AA1D-3A0A-43B1-9556-BBC53865B5A6", "versionEndExcluding": "6.2.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. 
LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." }, { "lang": "es", "value": "LibreOffice presenta una funcionalidad donde los documentos pueden especificar que los scripts preinstalados pueden ser ejecutados en varios eventos de documentos, tal como el mouse-over, etc. Por lo general, LibreOffice tambi\u00e9n se incluye con LibreLogo, un script de gr\u00e1ficos vectoriales turtle programables, que puede ser manipulado para ejecutar comandos de python arbitrarios. Mediante el uso de la funcionalidad document event para activar LibreLogo para ejecutar python contenido en un documento, podr\u00eda ser construido un documento malicioso que ejecutar\u00eda comandos de python arbitrarios en silencio sin avisar. En las versiones corregidas, LibreLogo no puede ser llamado desde un controlador de eventos de documento. Este problema afecta: las versiones de LibreOffice anteriores a 6.2.5, de Document Foundation." 
} ], "id": "CVE-2019-9848", "lastModified": "2024-11-21T04:52:25.910", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-17T12:15:10.770", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/109374" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/109374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9848" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-08-15 22:15
Modified
2024-11-21 04:52
Severity ?
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained within the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handlers, e.g. mouse over. However, LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html | Third Party Advisory, VDB Entry | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/28 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 29 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "32F74064-7FE4-4BB6-86BB-83AE52D38E87", "versionEndExcluding": "6.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. 
Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." }, { "lang": "es", "value": "LibreOffice est\u00e1 com\u00fanmente incorporada con LibreLogo, un script de gr\u00e1ficos vectoriales turtle programables, lo que puede ejecutar comandos arbitrarios de python contenidos con el documento desde que se inicia. Se agreg\u00f3 protecci\u00f3n, para abordar el CVE-2019-9848, para bloquear las llamadas a LibreLogo desde los manejadores de script de eventos de documentos, p.ej. mouse over. Sin embargo, LibreOffice tambi\u00e9n presenta una funcionalidad separada en la que los documentos pueden especificar que los scripts preinstalados pueden ser ejecutados en varios eventos de script globales, tales como document-open, etc. Este problema afecta: Document Foundation LibreOffice versiones anteriores a 6.2.6." 
} ], "id": "CVE-2019-9851", "lastModified": "2024-11-21T04:52:26.297", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-15T22:15:22.290", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154168/LibreOffice-Macro-Python-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-30 17:59
Modified
2025-04-20 01:37
Severity ?
Summary
LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/98395 | ||
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98395 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD6FB845-4F3E-48DD-B9BB-9986BD4F48FC", "versionEndIncluding": "5.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx." }, { "lang": "es", "value": "LibreOffice anterior al 17-03-2017 tiene una escritura fuera de rango causada por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica, relacionado con la funci\u00f3n ReadJPEG en vcl/source/filter/jpeg/jpegc.cxx." } ], "id": "CVE-2017-8358", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-30T17:59:00.967", "references": [ { "source": "cve@mitre.org", "url": 
"http://www.securityfocus.com/bid/98395" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/98395" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" }, { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-18 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2579.html | ||
secalert@redhat.com | http://www.debian.org/security/2016/dsa-3482 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1035022 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2899-1 | ||
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/ | Vendor Advisory | |
secalert@redhat.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220 | ||
secalert@redhat.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221 | ||
secalert@redhat.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2579.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3482 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035022 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2899-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "D647CF55-B609-4064-B8A9-D6916556D9CB", "versionEndIncluding": "5.0.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document." }, { "lang": "es", "value": "El filtro lwp en LibreOffice en versiones anteriores a 5.0.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de un documento LotusWordPro (lwp) manipulado." 
} ], "id": "CVE-2016-0794", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-18T21:59:01.230", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2016/dsa-3482" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1035022" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": 
"https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/" }, { "source": "secalert@redhat.com", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220" }, { "source": "secalert@redhat.com", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221" }, { "source": "secalert@redhat.com", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3482" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-17 12:15
Modified
2024-11-21 04:52
Severity ?
Summary
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://www.securityfocus.com/bid/109374 | Broken Link | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/ | ||
security@documentfoundation.org | https://security.gentoo.org/glsa/201908-13 | Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4063-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109374 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-13 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4063-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
debian | debian_linux | 8.0 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA10AA1D-3A0A-43B1-9556-BBC53865B5A6", "versionEndExcluding": "6.2.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice has a \u0027stealth mode\u0027 in which only documents from locations deemed \u0027trusted\u0027 are allowed to retrieve remote resources. 
This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\u0027s ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5." }, { "lang": "es", "value": "LibreOffice presenta un \"stealth mode\" en el que solo los documentos desde ubicaciones consideradas \"trusted\" pueden recuperar recursos remotos. Este modo no es el modo por defecto, pero puede ser habilitado por los usuarios que desean desactivar la capacidad de LibreOffice de incluir recursos remotos dentro de un documento. Exist\u00eda un fallo donde se omit\u00edan los gr\u00e1ficos con vi\u00f1etas de esta protecci\u00f3n anterior la versi\u00f3n 6.2.5. Este problema afecta: a LibreOffice versiones anteriores a 6.2.5, de Document Foundation." } ], "id": "CVE-2019-9849", "lastModified": "2024-11-21T04:52:26.040", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, 
"source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-07-17T12:15:10.830", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/109374" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/109374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201908-13" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4063-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9849" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-04-28 14:59
Modified
2025-04-12 10:46
Summary
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html | Third Party Advisory | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html | Third Party Advisory | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html | Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-1458.html | Third Party Advisory | |
secalert@redhat.com | http://www.debian.org/security/2015/dsa-3236 | Third Party Advisory | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2015-1774.html | Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/74338 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1032205 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1032206 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2578-1 | Third Party Advisory | |
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ | Vendor Advisory | |
secalert@redhat.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1458.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3236 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2015-1774.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74338 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032205 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032206 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2578-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
apache | openoffice | * | |
fedoraproject | fedora | 21 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 4.4.0 | |
libreoffice | libreoffice | 4.4.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6A0B8F-8A90-4D67-A078-B8D8A84F4A69", "versionEndIncluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": 
"cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "F90BB1A8-CFF6-4443-8677-C9F77D18B15F", "versionEndIncluding": "4.3.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FABB3679-570F-4D9B-A881-F3B06D11A6D5", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "41136399-9260-465C-9A83-635950411436", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write." }, { "lang": "es", "value": "El filtro HWP en LibreOffice anterior a 4.3.7 y 4.4.x anterior a 4.4.2 y Apache OpenOffice anterior a 4.1.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento HWP manipulado, lo cual provoca una escritura fuera de rango." 
} ], "id": "CVE-2015-1774", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-04-28T14:59:00.077", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1458.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3236" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-1774.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/74338" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032205" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032206" }, { 
"source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1458.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-1774.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/74338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1032205" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": 
"http://www.securitytracker.com/id/1032206" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-04-16 09:58
Modified
2024-11-21 03:40
Summary
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747 | Third Party Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/48751/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/48756/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/48757/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/#/c/48758/ | Patch, Vendor Advisory | |
cve@mitre.org | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05 | ||
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html | Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
cve@mitre.org | https://www.debian.org/security/2018/dsa-4178 | Third Party Advisory | |
cve@mitre.org | https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/48751/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/48756/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/48757/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/#/c/48758/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4178 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CB3D2D6-A023-4F60-91D8-8A581DF58A5C", "versionEndExcluding": "5.4.5.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3683F37B-80B0-4164-BCF3-B6548BC22441", "versionEndExcluding": "6.0.1.1", "versionStartIncluding": "6.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": 
"sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format." }, { "lang": "es", "value": "sot/source/sdstor/stgstrms.cxx en LibreOffice, en versiones anteriores a la 5.4.5.1 y versiones 6.x anteriores a la 6.0.1.1, emplea un tipo de datos incorrecto en la clase StgSmallStrm. Esto permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (uso de memoria previamente liberada con acceso de escritura) o que puedan causar otro tipo de impacto sin especificar mediante un documento manipulado que emplea el formato contenedor de archivo ole2 de almacenamiento estructurado." } ], "id": "CVE-2018-10119", "lastModified": "2024-11-21T03:40:52.170", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": 
"nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-04-16T09:58:10.463", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48751/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48756/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48757/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48758/" }, { "source": "cve@mitre.org", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48751/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48756/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48757/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://gerrit.libreoffice.org/#/c/48758/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-416" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-10-21 18:55
Modified
2025-04-11 00:51
Summary
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html | ||
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html | Patch | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html | ||
secalert@redhat.com | http://osvdb.org/76178 | ||
secalert@redhat.com | http://secunia.com/advisories/50692 | ||
secalert@redhat.com | http://secunia.com/advisories/60799 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201209-05.xml | ||
secalert@redhat.com | http://www.debian.org/security/2011/dsa-2315 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | ||
secalert@redhat.com | http://www.libreoffice.org/advisories/CVE-2011-2713/ | Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:172 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/49969 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026145 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=725668 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/76178 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50692 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-05.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2315 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/advisories/CVE-2011-2713/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:172 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49969 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026145 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=725668 | Patch |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 3.3.0 | |
libreoffice | libreoffice | 3.3.1 | |
libreoffice | libreoffice | 3.3.2 | |
libreoffice | libreoffice | 3.3.3 | |
libreoffice | libreoffice | 3.3.4 | |
libreoffice | libreoffice | 3.4.0 | |
libreoffice | libreoffice | 3.4.1 | |
sun | openoffice.org | 3.3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6D495A0-AAE6-49C5-998F-EF4D07B64D2A", "versionEndIncluding": "3.4.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6EC7F36-4505-425A-858A-7CC7E11FAEEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "946A4315-09BD-4A88-82ED-F4922CD884CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A2508E2-C2C0-4949-B69C-B610E2F2058B", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "126BF2A1-6E4A-4504-904F-3BDF4B2DC7EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "59FA72B2-802F-4562-87C2-4C1E4C7E9EFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "50BB322E-AE9A-4108-82BA-AAB8A57F2FC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A836FE3-A50E-4ADD-8BD9-8D12C92A85CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:sun:openoffice.org:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CACDFE22-3ED3-45CE-BA0D-AE30553D5385", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser." 
}, { "lang": "es", "value": "oowriter en OpenOffice.org v3.3.0 y LibreOffice anterior a v3.4.3 permite a atacantes remotos asistidos por un usuario pueden provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante un archivo DOC manipulado que provoca una lectura fuera del l\u00edmite analizador sint\u00e1ctico de DOC sprm." } ], "id": "CVE-2011-2713", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-10-21T18:55:00.850", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/76178" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/50692" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2315" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", 
"tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/CVE-2011-2713/" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/49969" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026145" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/76178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2315" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/CVE-2011-2713/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/49969" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026145" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-04-27 19:15
Modified
2025-07-03 21:26
Severity ?
Summary
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.
In the affected versions of LibreOffice, a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid.
This issue affects LibreOffice: from 24.8 before 24.8.6, from 25.2 before 25.2.2.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 24.8.0.0 | |
libreoffice | libreoffice | 24.8.0.0 | |
libreoffice | libreoffice | 25.2.0.0 | |
libreoffice | libreoffice | 25.2.0.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD405BA2-8F34-4357-BAB8-318569954069", "versionEndExcluding": "24.8.6.0", "versionStartIncluding": "24.8.0.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "86D26ABF-BF83-4C25-A31B-B15B17B708E4", "versionEndExcluding": "25.2.2", "versionStartIncluding": "25.2.0.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:24.8.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "910F0BB3-ECA0-4338-B67B-A9BBD6FFDCB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:24.8.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "7A1C6BCA-6638-4925-A32B-217282923645", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:25.2.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "CB7D3327-6D96-42FE-B4E2-0D6C44409D69", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:25.2.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "E2AB7E83-11C6-4177-8796-57D476B24E1E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation.\n\n\n\n\nIn the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid\n\n\n\n\nThis issue affects LibreOffice: from 24.8 before \u003c 24.8.6, from 25.2 before \u003c 25.2.2." }, { "lang": "es", "value": "La vulnerabilidad de verificaci\u00f3n incorrecta de firma criptogr\u00e1fica en LibreOffice permite la suplantaci\u00f3n de firmas PDF mediante una validaci\u00f3n incorrecta. 
En las versiones afectadas de LibreOffice, una falla en el c\u00f3digo de verificaci\u00f3n de firmas adbe.pkcs7.sha1 podr\u00eda provocar que firmas no v\u00e1lidas se acepten como v\u00e1lidas. Este problema afecta a LibreOffice: desde la versi\u00f3n 24.8 hasta la 24.8.6, desde la versi\u00f3n 25.2 hasta la 25.2.2." } ], "id": "CVE-2025-2866", "lastModified": "2025-07-03T21:26:26.980", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ], "cvssMetricV40": [ { "cvssData": { "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", 
"valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED" }, "source": "security@documentfoundation.org", "type": "Secondary" } ] }, "published": "2025-04-27T19:15:15.137", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-347" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-347" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-08-05 18:29
Modified
2024-11-21 03:50
Severity ?
Summary
The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/105047 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.documentfoundation.org/show_bug.cgi?id=118514 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105047 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.documentfoundation.org/show_bug.cgi?id=118514 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "16FF2024-BE89-4EFA-8CFB-BB3CBFB1F1C1", "versionEndIncluding": "6.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site." }, { "lang": "es", "value": "La funci\u00f3n get_app_path en desktop/unx/source/start.c en LibreOffice hasta la versi\u00f3n 6.0.5 gestiona de manera incorrecta la funci\u00f3n realpath en ciertos entornos, como FreeBSD libc, lo que podr\u00eda permitir que atacantes provoquen una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer y cierre inesperado de la aplicaci\u00f3n) o, posiblemente, otro tipo de impacto sin especificar si se inicia autom\u00e1ticamente LibreOffice durante la navegaci\u00f3n web con nombres de ruta controlados por un sitio web remoto." 
} ], "id": "CVE-2018-14939", "lastModified": "2024-11-21T03:50:07.800", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-08-05T18:29:00.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105047" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/105047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=118514" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-25 20:15
Modified
2024-11-21 07:58
Severity ?
Summary
Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice, documents that used "floating frames" linked to external files would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html | ||
security@documentfoundation.org | https://security.gentoo.org/glsa/202311-15 | ||
security@documentfoundation.org | https://www.debian.org/security/2023/dsa-5415 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202311-15 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5415 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 11.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE6DDB40-5CAE-4AD0-B7A5-D8E2E8E07C9D", "versionEndExcluding": "7.4.7", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7FB6F14-A821-42FD-ACDC-3D30292595D4", "versionEndExcluding": "7.5.3", "versionStartIncluding": "7.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used \"floating frames\" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3." 
} ], "id": "CVE-2023-2255", "lastModified": "2024-11-21T07:58:14.943", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-05-25T20:15:09.350", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "source": "security@documentfoundation.org", "url": "https://security.gentoo.org/glsa/202311-15" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202311-15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], 
"source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-07-25 15:15
Modified
2024-11-21 06:53
Severity ?
Summary
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same, which weakens the encryption and leaves the stored passwords vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. (The CPE match data in this record instead marks 7.3 versions before 7.3.3 as vulnerable; treat the wider range as affected until confirmed against the vendor advisory.)
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://www.openwall.com/lists/oss-security/2022/08/13/1 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2022/08/13/1 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "20BCBB73-64D6-44F0-8B7F-F94269E9EEDA", "versionEndExcluding": "7.2.7", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1452E9B-C09C-4BF4-AE1F-C3AF6698BC33", "versionEndExcluding": "7.3.3", "versionStartIncluding": "7.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports the storage of passwords for web connections in the user\u2019s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user\u0027s configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1." }, { "lang": "es", "value": "LibreOffice admite el almacenamiento de contrase\u00f1as para las conexiones web en la base de datos de configuraci\u00f3n del usuario. Las contrase\u00f1as almacenadas se cifran con una \u00fanica clave maestra proporcionada por el usuario. Se presentaba un fallo en LibreOffice en el que el vector de inicializaci\u00f3n requerido para el cifrado era siempre el mismo, lo que debilitaba la seguridad del cifrado haci\u00e9ndolo vulnerable si un atacante ten\u00eda acceso a los datos de configuraci\u00f3n del usuario. 
Este problema afecta a: The Document Foundation LibreOffice versiones 7.2 anteriores a 7.2.7; versiones 7.3 anteriores a 7.3.1" } ], "id": "CVE-2022-26306", "lastModified": "2024-11-21T06:53:43.550", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-07-25T15:15:09.353", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/1" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2022/08/13/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-326" } ], "source": "security@documentfoundation.org", "type": 
"Secondary" }, { "description": [ { "lang": "en", "value": "CWE-330" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/ | ||
cve@mitre.org | http://www.securityfocus.com/bid/97668 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416 | Patch, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-28 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97668 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-28 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "matchCriteriaId": "570C0612-FE5E-4003-8EB0-D156278EE2E5", "versionEndIncluding": "5.3.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx." }, { "lang": "es", "value": "LibreOffice en versiones anteriores a 22-12-2016 tiene una escritura fuera de l\u00edmites provocada por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica relacionado con la funci\u00f3n EnhWMFReader::ReadEnhWMF en VCL/fuente/filtro/WMF/enhwmf.cxx." } ], "id": "CVE-2016-10327", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.167", 
"references": [ { "source": "cve@mitre.org", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97668" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97668" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201706-28" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-09-09 08:29
Modified
2025-04-20 01:37
Severity ?
Summary
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may expose a LibreOffice application to a remote attack.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugs.documentfoundation.org/show_bug.cgi?id=112269 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1489337 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9 | Mailing List, Third Party Advisory | |
cve@mitre.org | https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/ | Patch, Third Party Advisory | |
cve@mitre.org | https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/ | Patch, Third Party Advisory | |
cve@mitre.org | https://sourceforge.net/p/libwpd/tickets/14/ | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.documentfoundation.org/show_bug.cgi?id=112269 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1489337 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/ | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/ | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/p/libwpd/tickets/14/ | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libwpd | libwpd | 0.10.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "20A88F1B-439B-477D-ACEA-F839F392E833", "versionEndIncluding": "5.3.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libwpd:libwpd:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "419E516E-2F49-4DF0-B725-85E08BF517CB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application." }, { "lang": "es", "value": "WP1StylesListener.cpp, WP5StylesListener.cpp, y WP42StylesListener.cpp en libwpd 0.10.1 no gestiona iteradores correctamente, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (sobrelectura de b\u00fafer basada en mont\u00edculos en la clase WPXTableList en WPXTable.cpp). Esta vulnerabilidad puede desencadenarse en LibreOffice en versiones anteriores a la 5.3.7. Podr\u00eda conducir a un ataque remoto contra una aplicaci\u00f3n LibreOffice." 
} ], "id": "CVE-2017-14226", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-09-09T08:29:00.240", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://sourceforge.net/p/libwpd/tickets/14/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugs.documentfoundation.org/show_bug.cgi?id=112269" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489337" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://sourceforge.net/p/libwpd/tickets/14/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-09-17 15:15
Modified
2024-11-21 09:52
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows signature forgery. This issue affects LibreOffice: from 24.2 before 24.2.5.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "2ED260C8-BAEA-47C1-BA83-AC2671E59D29", "versionEndExcluding": "24.2.5", "versionStartIncluding": "24.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Digital Signature Invalidation\u00a0 vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before \u003c 24.2.5." }, { "lang": "es", "value": "Vulnerabilidad de invalidaci\u00f3n de firma digital incorrecta en el modo de reparaci\u00f3n zip de The Document Foundation LibreOffice permite vulnerabilidad de falsificaci\u00f3n de firma en LibreOfficeEste problema afecta a LibreOffice: desde 24.2 hasta \u0026lt; 24.2.5." } ], "id": "CVE-2024-7788", "lastModified": "2024-11-21T09:52:07.257", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security@documentfoundation.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2024-09-17T15:15:14.413", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00007.html" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-347" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-347" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-05-03 12:15
Modified
2024-11-21 05:55
Severity ?
Summary
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://positive.security/blog/url-open-rce#open-libreoffice | Exploit, Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://positive.security/blog/url-open-rce#open-libreoffice | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "37496EEC-C63C-46DE-92F2-A29DECF95EE2", "versionEndExcluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA884385-2527-4F68-9FD5-67ECD9A89F42", "versionEndExcluding": "7.1.2", "versionStartIncluding": "7.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn\u0027t match the denylist but results in ShellExecute attempting to launch an executable type." }, { "lang": "es", "value": "En la serie LibreOffice 7-1 en versiones anteriores a 7.1.2, y en la serie 7-0 en versiones anteriores a 7.0.5, la denylist puede ser omitida al manipular el enlace para que no coincida con la denylist pero resulte en ShellExecute intentando iniciar un tipo ejecutable." 
} ], "id": "CVE-2021-25631", "lastModified": "2024-11-21T05:55:10.970", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-03T12:15:07.417", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://positive.security/blog/url-open-rce#open-libreoffice" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://positive.security/blog/url-open-rce#open-libreoffice" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-184" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-10 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 use the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document that embeds data from local files into (1) Calc or (2) Writer.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-2619.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3394 | Third Party Advisory | |
cve@mitre.org | http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ | Vendor Advisory | |
cve@mitre.org | http://www.openoffice.org/security/cves/CVE-2015-4551.html | Vendor Advisory | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/77486 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1034085 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1034091 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2793-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201611-03 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2619.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3394 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2015-4551.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/77486 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034085 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034091 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2793-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201611-03 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
apache | openoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "038CCC30-52CD-40B3-A24C-B6DB1F5C13F1", "versionEndIncluding": "4.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6A0B8F-8A90-4D67-A078-B8D8A84F4A69", "versionEndIncluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer." 
}, { "lang": "es", "value": "LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2 usa la informaci\u00f3n de configuraci\u00f3n LinkUpdateMode almacenada en archivos OpenDocument Format y plantillas cuando maneja enlaces, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un documento manipulado, lo que incrusta datos desde archivos locales a (1) Calc o (2) Writer." } ], "id": "CVE-2015-4551", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-10T17:59:00.117", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/77486" }, { 
"source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034085" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034091" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/77486" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201611-03" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-07-10 16:15
Modified
2024-11-21 07:38
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
A flaw was found in the LibreOffice package. An attacker can craft an ODB file containing a "database/script" file with a SCRIPT command, where the contents of the file could be written to a new file whose location is determined by the attacker.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2023/12/28/4 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2024/01/03/4 | ||
secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-1183 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2208506 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/12/28/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/01/03/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-1183 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2208506 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 7.5.0 | |
fedoraproject | fedora | 38 | |
redhat | enterprise_linux | 8.0 | |
redhat | enterprise_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE9B0083-D7EE-408F-B231-04A214EB3624", "versionEndExcluding": "7.4.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3262DADC-C691-4D6D-85E4-E6D14D637258", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in the Libreoffice package. An attacker can craft an odb containing a \"database/script\" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker." 
} ], "id": "CVE-2023-1183", "lastModified": "2024-11-21T07:38:37.307", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 1.3, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-07-10T16:15:48.773", "references": [ { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1183" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2023-1183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-06-19 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html | ||
secalert@redhat.com | http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da | Exploit, Patch | |
secalert@redhat.com | http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e | Exploit, Patch | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0705.html | ||
secalert@redhat.com | http://secunia.com/advisories/46992 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/47244 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/49373 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/49392 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/60799 | ||
secalert@redhat.com | http://securitytracker.com/id?1027070 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2487 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | ||
secalert@redhat.com | http://www.libreoffice.org/advisories/cve-2012-2334/ | Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 | ||
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2012-2334.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/05/28/2 | ||
secalert@redhat.com | http://www.osvdb.org/82517 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/53570 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=821803 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/75695 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da | Exploit, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e | Exploit, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0705.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46992 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/47244 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49373 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49392 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1027070 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2487 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/advisories/cve-2012-2334/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2012-2334.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/05/28/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/82517 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53570 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=821803 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75695 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | openoffice.org | 3.3 | |
apache | openoffice.org | 3.4 | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 3.3.0 | |
libreoffice | libreoffice | 3.3.1 | |
libreoffice | libreoffice | 3.3.2 | |
libreoffice | libreoffice | 3.3.3 | |
libreoffice | libreoffice | 3.3.4 | |
libreoffice | libreoffice | 3.4.0 | |
libreoffice | libreoffice | 3.4.1 | |
libreoffice | libreoffice | 3.4.2 | |
libreoffice | libreoffice | 3.4.5 | |
libreoffice | libreoffice | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice.org:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E6F3D98-01D4-4A3C-A166-6BA96F46A77C", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:openoffice.org:3.4:beta:*:*:*:*:*:*", "matchCriteriaId": "092CAB2F-42F4-4F2D-AA1A-926DBBA93A91", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "585580A6-807B-4D69-A26A-587163E135AC", "versionEndIncluding": "3.5.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6EC7F36-4505-425A-858A-7CC7E11FAEEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "946A4315-09BD-4A88-82ED-F4922CD884CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A2508E2-C2C0-4949-B69C-B610E2F2058B", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "126BF2A1-6E4A-4504-904F-3BDF4B2DC7EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "59FA72B2-802F-4562-87C2-4C1E4C7E9EFD", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "50BB322E-AE9A-4108-82BA-AAB8A57F2FC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A836FE3-A50E-4ADD-8BD9-8D12C92A85CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6C94C91-2FD1-4AA6-89BC-677521F7617D", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "EE7CCA6E-2B1D-4270-AEB7-BE9820397163", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "FDF24972-A9FD-4780-8399-859658D63A3C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en filter/source/msfilter/msdffimp.cxx en OpenOffice.org (OOo) v3.3, v3.4 Beta, y posiblemente anteriores, y LibreOffice antes de v3.5.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de la longitud de un registro de gr\u00e1ficos Escher en una presentaci\u00f3n de PowerPoint (.ppt), que provoca un desbordamiento de b\u00fafer." 
} ], "id": "CVE-2012-2334", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-06-19T20:55:06.600", "references": [ { "source": "secalert@redhat.com", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/46992" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/47244" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49392" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "url": 
"http://securitytracker.com/id?1027070" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2487" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/cve-2012-2334/" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/28/2" }, { "source": "secalert@redhat.com", "url": "http://www.osvdb.org/82517" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/53570" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75695" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/46992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/47244" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49392" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1027070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2487" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/cve-2012-2334/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-2334.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/28/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/82517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/53570" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/75695" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-06-08 16:15
Modified
2024-11-21 05:00
Summary
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/ | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
fedoraproject | fedora | 31 | |
opensuse | leap | 15.1 | |
opensuse | leap | 15.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "884EC10F-81A5-439D-8575-019B8EF77C04", "versionEndExcluding": "6.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice has a \u0027stealth mode\u0027 in which only documents from locations deemed \u0027trusted\u0027 are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\u0027s ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4." }, { "lang": "es", "value": "LibreOffice tiene un \"stealth mode\" en el que solo los documentos de ubicaciones consideradas \"trusted\" pueden recuperar recursos remotos. Este modo no es el modo predeterminado, pero puede ser habilitado por los usuarios que deseen deshabilitar la capacidad de LibreOffice de incluir recursos remotos dentro de un documento. Exist\u00eda un fallo donde enlaces gr\u00e1ficos remotos cargados desde documentos docx fueron omitidos de esta protecci\u00f3n antes de la versi\u00f3n 6.4.4. 
Este problema afecta: Las versiones de Document Foundation LibreOffice anteriores a 6.4.4" } ], "id": "CVE-2020-12802", "lastModified": "2024-11-21T05:00:19.147", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-06-08T16:15:09.993", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "source": 
"security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
Summary
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.debian.org/security/2017/dsa-3837 | ||
cve@mitre.org | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/ | ||
cve@mitre.org | http://www.securityfocus.com/bid/97671 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1039029 | ||
cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1975 | ||
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722 | Patch, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-28 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3837 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97671 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039029 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1975 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-28 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "matchCriteriaId": "570C0612-FE5E-4003-8EB0-D156278EE2E5", "versionEndIncluding": "5.3.0.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx." }, { "lang": "es", "value": "LibreOffice en versiones anteriores a 02-01-2017 tiene una escritura fuera de l\u00edmites provocado por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica en relaci\u00f3n con la funci\u00f3n tools::Polygon::Insert en tools/source/generic/poly.cxx" } ], "id": "CVE-2017-7870", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.757", "references": 
[ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3837" }, { "source": "cve@mitre.org", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97671" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1039029" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2017/dsa-3837" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97671" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1039029" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201706-28" } ], 
"sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-08-26 14:55
Modified
2025-04-12 10:46
Summary
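Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet. The CPE configuration in this record also marks LibreOffice before 4.2.6, and LibreOffice 4.3.x before 4.3.1, as vulnerable, although the summary names only Apache OpenOffice.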
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/59600 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/59877 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/60235 | Broken Link | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2014-3524.html | Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/533200/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securityfocus.com/bid/69351 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1030755 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/95421 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59600 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59877 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60235 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2014-3524.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/533200/100/0/threaded | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69351 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030755 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/95421 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | openoffice | * | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "B33E0CB6-2B56-45AC-9268-8AD54AC99DC0", "versionEndExcluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEF647EF-54CE-43BC-A5D2-5FA854BEFB46", "versionEndExcluding": "4.2.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "4341B2DF-D74B-4EF6-8975-35E18308797B", "versionEndExcluding": "4.3.1", "versionStartIncluding": "4.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet." }, { "lang": "es", "value": "Apache OpenOffice anterior a 4.1.1 permite a atacantes remotos ejecutar comandos arbitrarios y posiblemente tener otro impacto no especificado a trav\u00e9s de una hoja de c\u00e1lculo Calc manipulada." 
} ], "id": "CVE-2014-3524", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-08-26T14:55:05.923", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59600" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59877" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60235" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/69351" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1030755" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421" }, { "source": 
"secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/69351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1030755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-11-10 17:59
Modified
2025-04-12 10:46
Summary
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-2619.html | Third Party Advisory | |
secalert@redhat.com | http://www.debian.org/security/2015/dsa-3394 | Third Party Advisory | |
secalert@redhat.com | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ | Vendor Advisory | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2015-5212.html | Vendor Advisory | |
secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/77486 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1034085 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1034091 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2793-1 | Third Party Advisory | |
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
secalert@redhat.com | https://security.gentoo.org/glsa/201611-03 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2619.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3394 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2015-5212.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/77486 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034085 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034091 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2793-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201611-03 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
apache | openoffice | * | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "038CCC30-52CD-40B3-A24C-B6DB1F5C13F1", "versionEndIncluding": "4.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF6A0B8F-8A90-4D67-A078-B8D8A84F4A69", "versionEndIncluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting \"Load printer settings with the document\" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document." 
}, { "lang": "es", "value": "Desbordamiento de entero en LibreOffice en versiones anteriores a 4.4.5 y Apache OpenOffice en versiones anteriores a 4.1.2, cuando est\u00e1 habilitado el ajuste de configuraci\u00f3n \u0027Load printer settings with the document\u0027, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos PrinterSetup manipulados en un documento ODF." } ], "id": "CVE-2015-5212", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-11-10T17:59:02.117", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third 
Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/77486" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034085" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034091" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201611-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/77486" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": 
"http://www.securitytracker.com/id/1034091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201611-03" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-191" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/ | ||
cve@mitre.org | http://www.securityfocus.com/bid/97667 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97667 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62 | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "064A809A-AF00-4197-82E3-0B749A78EFCA", "versionEndIncluding": "5.2.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx." }, { "lang": "es", "value": "LibreOffice en versiones anteriores a 11-03-2017 tiene una escritura fuera de l\u00edmites provocado por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la funci\u00f3n SVMConverter::ImplConvertFromSVM1 en vcl/source/gdi/svmconverter.cxx" } ], "id": "CVE-2017-7856", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.227", "references": [ { 
"source": "cve@mitre.org", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97667" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-08-27 00:55
Modified
2025-04-12 10:46
Severity ?
Summary
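The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects. (Note: the NVD CPE configuration for this entry also lists LibreOffice versions before 4.2.6, and 4.3.0 up to but excluding 4.3.1, as vulnerable.)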
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html | Broken Link | |
secalert@redhat.com | http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ | Vendor Advisory | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/59600 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/59877 | Broken Link | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2014-3575.html | Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/69354 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id/1030754 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59600 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59877 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2014-3575.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69354 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030754 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/95420 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
apache | openoffice | * | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "B33E0CB6-2B56-45AC-9268-8AD54AC99DC0", "versionEndExcluding": "4.1.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BEF647EF-54CE-43BC-A5D2-5FA854BEFB46", "versionEndExcluding": "4.2.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "4341B2DF-D74B-4EF6-8975-35E18308797B", "versionEndExcluding": "4.3.1", "versionStartIncluding": "4.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects." }, { "lang": "es", "value": "La generaci\u00f3n de previsualizaciones OLE en Apache OpenOffice anterior a 4.1.1 y OpenOffice.org (OOo) podr\u00eda permitir a atacantes remotos embeber datos arbitrarios en documentos a trav\u00e9s de objetos OLE manipulados." 
} ], "id": "CVE-2014-3575", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-08-27T00:55:04.037", "references": [ { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59600" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59877" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3575.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/69354" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1030754" }, { "source": 
"secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95420" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2014-08/0115.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/137657.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/59877" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2014-3575.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/69354" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1030754" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95420" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"https://security.gentoo.org/glsa/201603-05" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-05-25 20:15
Modified
2025-04-23 17:16
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with fewer parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1. (Note: the NVD CPE configuration for this entry marks 7.5 versions before 7.5.2 as vulnerable, so the fixed version for the 7.5 series should be confirmed against the vendor advisory.)
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html | ||
security@documentfoundation.org | https://security.gentoo.org/glsa/202311-15 | ||
security@documentfoundation.org | https://www.debian.org/security/2023/dsa-5415 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202311-15 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5415 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 10.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBA35157-E774-4C1A-B18E-70D9C7F08603", "versionEndExcluding": "7.4.6", "versionStartIncluding": "7.4.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AFEF7D8-AA92-4464-B771-83F3A8ADCF8F", "versionEndExcluding": "7.5.2", "versionStartIncluding": "7.5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1." 
} ], "id": "CVE-2023-0950", "lastModified": "2025-04-23T17:16:24.130", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-05-25T20:15:09.207", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "source": "security@documentfoundation.org", "url": "https://security.gentoo.org/glsa/202311-15" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202311-15" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"https://www.debian.org/security/2023/dsa-5415" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-129" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-129" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-15 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/ | ||
cve@mitre.org | http://www.securityfocus.com/bid/97684 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860 | Issue Tracking, Patch | |
cve@mitre.org | https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97684 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860 | Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD6FB845-4F3E-48DD-B9BB-9986BD4F48FC", "versionEndIncluding": "5.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx." }, { "lang": "es", "value": "LibreOffice en versiones anteriores a 14-03-2017 tiene una escritura fuera de l\u00edmites relacionada con la funci\u00f3n HWPFile::TagsRead en hwpfilter/source/hwpfile.cxx." } ], "id": "CVE-2017-7882", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-15T16:59:00.410", "references": [ { "source": "cve@mitre.org", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" }, { "source": 
"cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97684" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97684" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-06-08 16:15
Modified
2024-11-21 05:00
Severity ?
Summary
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting. Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission, this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html | Broken Link | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html | Broken Link | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/ | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
opensuse | leap | 15.1 | |
fedoraproject | fedora | 31 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "884EC10F-81A5-439D-8575-019B8EF77C04", "versionEndExcluding": "6.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including file: URIs, enabling form submissions to overwrite local files. User-interaction is required to submit the form, but to avoid the possibility of malicious documents engineered to maximize the possibility of inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4." }, { "lang": "es", "value": "Los documentos ODF pueden contener formularios para ser completados por parte del usuario. De manera similar a los formularios HTML, los datos del formulario contenido pueden ser enviados hacia un URI, por ejemplo, hacia un servidor web externo. 
Para crear formularios enviables, ODF implementa el est\u00e1ndar XForms W3C, que permite el env\u00edo de datos sin la necesidad de macros u otro scripting activo. LibreOffice versiones anteriores a 6.4.4 permiti\u00f3 que formularios sean enviados hacia cualquier URI, incluyendo los URI file:, permitiendo env\u00edos de formularios para sobrescribir archivos locales. Una interacci\u00f3n del usuario es requerida para enviar el formulario, pero para evitar la posibilidad de documentos maliciosos dise\u00f1ados para maximizar la posibilidad de env\u00edo involuntario del usuario, esta caracter\u00edstica ahora se ha limitado a los URI http[s], eliminando la posibilidad de sobrescribir archivos locales. Este problema afecta: Document Foundation LibreOffice versiones anteriores a 6.4.4" } ], "id": "CVE-2020-12803", "lastModified": "2024-11-21T05:00:19.277", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-06-08T16:15:10.057", "references": [ { "source": 
"security@documentfoundation.org", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "source": "security@documentfoundation.org", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-08-06 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1135.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/50142 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/50146 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/50692 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/60799 | Broken Link | |
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2520 | Third Party Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
secalert@redhat.com | http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/ | Vendor Advisory | |
secalert@redhat.com | http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/54769 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id?1027331 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id?1027332 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1536-1 | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1537-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=826077 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1135.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50142 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50146 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50692 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2520 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/54769 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027331 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027332 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1536-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1537-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=826077 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apache | openoffice | * | |
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 11.04 | |
canonical | ubuntu_linux | 11.10 | |
canonical | ubuntu_linux | 12.04 | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_for_ibm_z_systems | 6.0 | |
redhat | enterprise_linux_for_power_big_endian | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server_from_rhui_6 | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA2CB966-FB57-48F0-BEFE-F69E41A2AA0A", "versionEndExcluding": "3.4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7A9CDF2-52E5-4B08-BB1F-4F7B039DA898", "versionEndExcluding": "3.5.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5291B60-AB52-4830-8E1A-8048A471902C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "25C8B513-76C1-4184-A253-CB32F04A05BE", 
"vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui_6:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7A6E2B14-4C84-4276-AAC4-EC9AE5985F3B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de bufer basado en en la funcionalidad de cifrado de manifiesto XML en la etiqueta en OpenOffice.org y LibreOffice anterior a v3.5.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un Documento de texto dise\u00f1ado (. Odt) con el archivo(1) una etiqueta de ni\u00f1o dentro de una etiqueta principal incorrecta, (2) duplicar los tags, o (3) un ChecksumAttribute Base64 cuya longitud no es divisible por cuatro." 
} ], "id": "CVE-2012-2665", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-08-06T18:55:01.133", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50142" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50146" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50692" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2520" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt" }, { "source": 
"secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/54769" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027331" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027332" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-1536-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-1537-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50142" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50146" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2012-2665/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.pre-cert.de/advisories/PRE-SA-2012-05.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/54769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027331" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1027332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-1536-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-1537-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-11-26 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3163 | Third Party Advisory | |
cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/11/19/3 | Mailing List, Third Party Advisory | |
cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/11/26/7 | Mailing List, Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2578-1 | Third Party Advisory | |
cve@mitre.org | https://bugs.freedesktop.org/show_bug.cgi?id=86449 | Issue Tracking | |
cve@mitre.org | https://security.gentoo.org/glsa/201603-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3163 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/11/19/3 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/11/26/7 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2578-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.freedesktop.org/show_bug.cgi?id=86449 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
fedoraproject | fedora | 20 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
debian | debian_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "32FC8DD2-A0B6-493B-BCC5-77325B8784FF", "versionEndIncluding": "4.3.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file." }, { "lang": "es", "value": "LibreOffice anterior a 4.3.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n de escritura inv\u00e1lida y ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero RTF manipulado." 
} ], "id": "CVE-2014-9093", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-11-26T15:59:09.153", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3163" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201603-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-11 12:15
Modified
2025-02-13 18:16
Severity ?
8.3 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H (source: security@documentfoundation.org, Secondary)
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (source: nvd@nist.gov, Primary)
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Insufficient macro permission validation in The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions, LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated, without warning the user.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/ | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2023/dsa-5574 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/ | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5574 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
fedoraproject | fedora | 38 | |
debian | debian_linux | 11.0 | |
debian | debian_linux | 12.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3620339-BFEE-459E-937D-7F785CEE9C9F", "versionEndExcluding": "7.5.9", "versionStartIncluding": "7.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C255150-B48F-4F2A-8E7E-0C9D6CA3504D", "versionEndExcluding": "7.6.4", "versionStartIncluding": "7.6.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.\n\nIn affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user." }, { "lang": "es", "value": "La validaci\u00f3n insuficiente de permisos en las macros de The Document Foundation LibreOffice permite a un atacante ejecutar macros integradas sin previo aviso. En las versiones afectadas, LibreOffice admite hiperv\u00ednculos con macros o destinos de comandos integrados similares que se pueden ejecutar cuando se activan sin advertir al usuario." 
} ], "id": "CVE-2023-6186", "lastModified": "2025-02-13T18:16:06.477", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 6.0, "source": "security@documentfoundation.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-11T12:15:07.713", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third 
Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-281" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-11-19 12:10
Modified
2025-04-11 00:51
Severity ?
Summary
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allow remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Windows Metafile) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7&id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b | ||
cve@mitre.org | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=44bc6b5cac723b52df40fbef026e99b7119d8a69 | ||
cve@mitre.org | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=6789ec4c1a9c6af84bd62e650a03226a46365d97 | ||
cve@mitre.org | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=8ca9fb05c9967f11670d045886438ddfa3ac02a7 | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html | ||
cve@mitre.org | http://www.debian.org/security/2012/dsa-2570 | ||
cve@mitre.org | http://www.libreoffice.org/advisories/cve-2012-4233/ | ||
cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/11/02/2 | ||
cve@mitre.org | http://www.securityfocus.com/bid/56352 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/79728 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/79730 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/79731 | ||
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/79732 | ||
cve@mitre.org | https://www.htbridge.com/advisory/HTB23106 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7&id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=44bc6b5cac723b52df40fbef026e99b7119d8a69 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=6789ec4c1a9c6af84bd62e650a03226a46365d97 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=8ca9fb05c9967f11670d045886438ddfa3ac02a7 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2570 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/advisories/cve-2012-4233/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/11/02/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56352 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/79728 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/79730 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/79731 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/79732 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.htbridge.com/advisory/HTB23106 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 3.5 | |
libreoffice | libreoffice | 3.5. | |
libreoffice | libreoffice | 3.5.0 | |
libreoffice | libreoffice | 3.5.0 | |
libreoffice | libreoffice | 3.5.0 | |
libreoffice | libreoffice | 3.5.0 | |
libreoffice | libreoffice | 3.5.1 | |
libreoffice | libreoffice | 3.5.1 | |
libreoffice | libreoffice | 3.5.1 | |
libreoffice | libreoffice | 3.5.2 | |
libreoffice | libreoffice | 3.5.2 | |
libreoffice | libreoffice | 3.5.2 | |
libreoffice | libreoffice | 3.5.3 | |
libreoffice | libreoffice | 3.5.3 | |
libreoffice | libreoffice | 3.5.3 | |
libreoffice | libreoffice | 3.5.4 | |
libreoffice | libreoffice | 3.5.4 | |
libreoffice | libreoffice | 3.5.5 | |
libreoffice | libreoffice | 3.5.5.1 | |
libreoffice | libreoffice | 3.5.5.2 | |
libreoffice | libreoffice | 3.5.5.3 | |
libreoffice | libreoffice | 3.5.6 | |
libreoffice | libreoffice | 3.5.6.1 | |
libreoffice | libreoffice | 3.5.6.2 | |
libreoffice | libreoffice | 3.5.6.3 | |
sun | openoffice.org | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8A25208-BCA4-4EF7-BBA6-2B73C89112FE", "versionEndIncluding": "3.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "FDF24972-A9FD-4780-8399-859658D63A3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.:rc1:*:*:*:*:*:*", "matchCriteriaId": "07E000BD-769A-4327-BFE2-178FEB75BF17", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EA7346A-7B1F-4887-81D5-DE36F9273E49", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "0F7A922D-56EC-443E-8DA7-83A40CE8DD18", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "555AA9DE-E9AE-4D79-B58A-D7D1F77C59C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "C885BBE1-A6FB-4F03-968E-5395264879A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D2034D2-2DF4-4D0E-995D-B2D7E79BD78A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "FB89404D-1616-4B47-925F-21AD49D912A0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "8965B61C-C399-4F26-900F-4EE2B66C0924", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "41D5D8AA-8379-49F9-ACA8-68BC8B9645E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "7FCBB508-E43B-4B7E-8C2D-1DD9FE10FAD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc2:*:*:*:*:*:*", 
"matchCriteriaId": "0273DEFE-8856-45E9-9B15-15C8F1195C26", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "667444C7-EC6E-4CCA-B672-328848CF435F", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "0BB29071-B4D8-4544-835B-B5FA7FF3A034", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "D0D2C888-E91D-4102-AF84-071C377DE60A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B7ECD3CB-F403-4FDF-B185-FE671EE15107", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "BCDDFF20-1EFE-4ECA-B360-B1A65C240936", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "76872DF4-577C-4DDE-BCD3-82858FF1669A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A41EC0A-E169-4EC0-A570-0EE5B4AE1C5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "90FFC067-6932-44AB-A065-96A835E8AC86", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "9392ED80-3FE2-40F2-A3A6-9757C347AF32", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "1FC7AAC3-D08F-4F25-9432-4D823327375A", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D2A623D-2974-4113-8D8F-1BC0FEA07C39", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5301CDC2-27A6-44A2-8669-F700721A01F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.3:*:*:*:*:*:*:*", 
"matchCriteriaId": "295AAC9C-969A-4545-A6DD-84C52E6D6B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:sun:openoffice.org:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B25A45C-697A-4DF4-831E-683C823B624D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll." }, { "lang": "es", "value": "LibreOffice v3.5.x antes de v3.5.7.2 y v3.6.x antes de v3.6.1, y OpenOffice.org (OOo), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia puntero NULL) a trav\u00e9s de un archivo manipulado(1) odt a vcllo.dll, (2) .ODG (documento de dibujo) a svxcorelo.dll, (3) un registro PolyPolygon en un archivo.wmf (Window Meta File) incrustado en un archivo ppt (PowerPoint) a tllo.dll o (4) un archivo xls (Excel) a scfiltlo.dll." 
} ], "id": "CVE-2012-4233", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-11-19T12:10:51.243", "references": [ { "source": "cve@mitre.org", "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "source": "cve@mitre.org", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "source": "cve@mitre.org", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "source": "cve@mitre.org", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2012/dsa-2570" }, { "source": "cve@mitre.org", "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/56352" }, { "source": "cve@mitre.org", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "source": "cve@mitre.org", "url": "https://www.htbridge.com/advisory/HTB23106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7\u0026id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7\u0026id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2570" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/56352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.htbridge.com/advisory/HTB23106" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 05:55
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids to indicate that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both "X509Data" and "KeyValue" children of the "KeyInfo" tag; when such a document was opened, LibreOffice verified the signature using the "KeyValue" but reported verification with the unrelated "X509Data" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/ | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
fedoraproject | fedora | 34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DFE4A1B-0C41-4294-9EC5-5DC94366C492", "versionEndExcluding": "7.2.5", "versionStartIncluding": "7.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both \"X509Data\" and \"KeyValue\" children of the \"KeyInfo\" tag, which when opened caused LibreOffice to verify using the \"KeyValue\" but to report verification with the unrelated \"X509Data\" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5." }, { "lang": "es", "value": "LibreOffice soporta firmas digitales de documentos ODF y macros dentro de documentos, presentando ayudas visuales de que no ha sido producido ninguna alteraci\u00f3n del documento desde la \u00faltima firma y que la firma es v\u00e1lida. 
Una vulnerabilidad de comprobaci\u00f3n inapropiada de certificados en LibreOffice permit\u00eda a un atacante crear un documento ODF firmado digitalmente, manipulando el flujo documentsignatures.xml o macrosignatures.xml dentro del documento para que contuviera los hijos \"X509Data\" y \"KeyValue\" de la etiqueta \"KeyInfo\", que cuando era abierta causaba que LibreOffice verificara usando el \"KeyValue\" pero informara de la verificaci\u00f3n con el valor \"X509Data\" no relacionado. Este problema afecta a: Document Foundation LibreOffice versiones 7.2 anteriores a 7.2.5" } ], "id": "CVE-2021-25636", "lastModified": "2024-11-21T05:55:11.370", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-02-24T15:15:21.813", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "security@documentfoundation.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NE6UIBCPZWRBWPSEGJOPNWPPT3CCMVH2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-347" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-07-21 23:55
Modified
2025-04-11 00:51
Summary
Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d | Patch | |
secalert@redhat.com | http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877 | Patch | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html | ||
secalert@redhat.com | http://www.kb.cert.org/vuls/id/953183 | Patch, US Government Resource | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:172 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/07/06/13 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/07/12/13 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/953183 | Patch, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:172 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/07/06/13 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/07/12/13 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 3.3.0 | |
libreoffice | libreoffice | 3.3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "370513BA-331F-4EF3-87F9-6B839B8B089F", "versionEndIncluding": "3.3.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6EC7F36-4505-425A-858A-7CC7E11FAEEA", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "946A4315-09BD-4A88-82ED-F4922CD884CD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el Lotus Word Pro importaci\u00f3n de filtro en LibreOffice en versiones anteriores a v3.3.3 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un archivo dise\u00f1ado. 
Archivo LWP" } ], "id": "CVE-2011-2685", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-21T23:55:03.973", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/953183" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/07/06/13" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/07/12/13" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/953183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:172" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/07/06/13" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/07/12/13" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-02-18 21:59
Modified
2025-04-12 10:46
Summary
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2579.html | ||
secalert@redhat.com | http://www.debian.org/security/2016/dsa-3482 | ||
secalert@redhat.com | http://www.securitytracker.com/id/1035022 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2899-1 | ||
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/ | Vendor Advisory | |
secalert@redhat.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2579.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3482 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035022 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2899-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDBA0309-BF91-40EC-AAF4-5E23432F1444", "versionEndIncluding": "5.0.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document." }, { "lang": "es", "value": "LibreOffice en versiones anteriores a 5.0.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de un registro LwpTocSuperLayout manipulado en un documento LotusWordPro (lwp)." 
} ], "id": "CVE-2016-0795", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-02-18T21:59:02.260", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2016/dsa-3482" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1035022" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": 
"https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/" }, { "source": "secalert@redhat.com", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3482" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-11 21:15
Modified
2024-11-21 07:18
Summary
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice, links using that scheme could be constructed to call internal macros with arbitrary arguments; when clicked on, or activated by document events, such links could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.
References
Source | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/ | ||
security@documentfoundation.org | https://security.gentoo.org/glsa/202212-04 | Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2022/dsa-5252 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202212-04 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5252 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * (from 7.3.0 up to, but excluding, 7.3.6) | |
libreoffice | libreoffice | 7.4.0 | |
debian | debian_linux | 11.0 | |
fedoraproject | fedora | 35 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "93AB6448-7296-4655-BC77-7F478445BC20", "versionEndExcluding": "7.3.6", "versionStartIncluding": "7.3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5BB9DCD-F0F9-4ECF-AB1D-DE0E85A4FF68", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme \u0027vnd.libreoffice.command\u0027 specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6." }, { "lang": "es", "value": "LibreOffice es compatible con los esquemas URI de Office para permitir la integraci\u00f3n del navegador de LibreOffice con el servidor de MS SharePoint. Ha sido a\u00f1adido un esquema adicional \"vnd.libreoffice.command\" espec\u00edfico para LibreOffice. En versiones afectadas de LibreOffice los enlaces que usaban ese esquema pod\u00edan construirse para llamar a macros internas con argumentos arbitrarios. 
Lo cual, cuando hac\u00eda clic en ellos, o eran activados mediante eventos del documento, pod\u00eda resultar en una ejecuci\u00f3n de scripts arbitrarios sin previo aviso. Este problema afecta a: Las versiones de LibreOffice 7.4 de Document Foundation anteriores a 7.4.1; versiones 7.3 anteriores a 7.3.6" } ], "id": "CVE-2022-3140", "lastModified": "2024-11-21T07:18:54.577", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-11T21:15:16.367", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202212-04" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2022/dsa-5252" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202212-04" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2022/dsa-5252" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-88" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-05-01 16:29
Modified
2024-11-21 03:41
Summary
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://seclists.org/fulldisclosure/2020/Oct/26 | ||
cve@mitre.org | http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/ | Exploit, Mitigation, Third Party Advisory | |
cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
cve@mitre.org | https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E | ||
cve@mitre.org | https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E | ||
cve@mitre.org | https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E | ||
cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2018-10583 | Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
cve@mitre.org | https://www.exploit-db.com/exploits/44564/ | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Oct/26 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/ | Exploit, Mitigation, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3054 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2018-10583 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3883-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44564/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | 6.0.3 | |
apache | openoffice | 4.1.5 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6584DD83-2DEA-4C93-A66D-EBC9D491C056", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "681147F9-5659-47DF-BB8C-ED8ED56EA8A1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An information disclosure 
vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document." }, { "lang": "es", "value": "Ocurre una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n cuando LibreOffice 6.0.3 y Apache OpenOffice Writer 4.1.5 procesan autom\u00e1ticamente e inician una conexi\u00f3n SMB embebida en un archivo malicioso, tal y como queda demostrado con xlink:href=file://192.168.0.2/test.jpg en un elemento office:document-content en un documento XML .odt." } ], "id": "CVE-2018-10583", "lastModified": "2024-11-21T03:41:36.390", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-05-01T16:29:00.383", "references": [ { "source": "cve@mitre.org", "url": "http://seclists.org/fulldisclosure/2020/Oct/26" }, { "source": "cve@mitre.org", "tags": [ "Exploit", 
"Mitigation", "Third Party Advisory" ], "url": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2018-10583" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44564/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2020/Oct/26" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mitigation", "Third Party Advisory" ], "url": "http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2018-10583" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3883-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44564/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-06 19:15
Modified
2024-11-21 04:52
Summary
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained within the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handlers. However, a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows, in that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
References
Source | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
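libreoffice | libreoffice | * (from 6.2.0 up to, but excluding, 6.2.7) | |
libreoffice | libreoffice | * (from 6.3.0 up to, but excluding, 6.3.1) | |
microsoft | windows | - (platform condition only; not itself marked vulnerable) | |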
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C5282A5-6EF5-4458-A35E-F688C6751B37", "versionEndExcluding": "6.2.7", "versionStartIncluding": "6.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F9A03CA-E4B2-4935-9E97-A5772DC4DE93", "versionEndExcluding": "6.3.1", "versionStartIncluding": "6.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." 
}, { "lang": "es", "value": "LibreOffice es com\u00fanmente paquetizado con LibreLogo, un script de gr\u00e1ficos vectoriales turtle programable, que puede ejecutar comandos de python arbitrarios contenidos con el documento desde que es activado. LibreOffice tambi\u00e9n presenta una funcionalidad en la que los documentos pueden especificar que los scripts preinstalados pueden ser ejecutados en varios eventos de script de documentos, tales como mouse-over, etc. La protecci\u00f3n fue agregada para bloquear la llamada a LibreLogo desde los manejadores de eventos de script. Sin embargo, un fallo en el manejo de la equivalencia de ruta de Windows versi\u00f3n 8.3 dej\u00f3 a LibreOffice vulnerable bajo Windows que un documento podr\u00eda desencadenar la ejecuci\u00f3n de LibreLogo por medio del seud\u00f3nimo del nombre de archivo de Windows. Este problema afecta a: Document Foundation LibreOffice versiones 6.2 anteriores a 6.2.7; versiones 6.3 anteriores a 6.3.1." } ], "id": "CVE-2019-9855", "lastModified": "2024-11-21T04:52:26.827", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 
"version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-06T19:15:12.073", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-417" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-03 17:55
Modified
2025-04-12 10:46
Summary
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html | Third Party Advisory | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html | Third Party Advisory | |
secalert@redhat.com | http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html | Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/57383 | ||
secalert@redhat.com | http://secunia.com/advisories/59330 | ||
secalert@redhat.com | http://secunia.com/advisories/60799 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/68151 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-2253-1 | Third Party Advisory | |
secalert@redhat.com | https://bugs.mageia.org/show_bug.cgi?id=13580 | Issue Tracking | |
secalert@redhat.com | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81 | ||
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0377.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57383 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/59330 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68151 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2253-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.mageia.org/show_bug.cgi?id=13580 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 19 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
libreoffice | libreoffice | 4.2.4 | |
canonical | ubuntu_linux | 14.04 | |
opensuse | opensuse | 13.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "868731BE-8CD3-4C18-80E3-753A95187B6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx." }, { "lang": "es", "value": "LibreOffice 4.2.4 ejecuta macros VBA no especificados autom\u00e1ticamente, lo que tiene un impacto y vectores de ataque no especificados, posiblemente relacionado con doc/docmacromode.cxx." 
} ], "id": "CVE-2014-0247", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-03T17:55:05.780", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/57383" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/59330" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68151" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2253-1" }, { "source": "secalert@redhat.com", "tags": 
[ "Issue Tracking" ], "url": "https://bugs.mageia.org/show_bug.cgi?id=13580" }, { "source": "secalert@redhat.com", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/57383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59330" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/68151" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2253-1" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://bugs.mageia.org/show_bug.cgi?id=13580" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2012-1149)
Published
2012-06-21 15:55
Modified
2025-04-11 00:51
Summary
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html | Broken Link | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html | Third Party Advisory | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html | Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0705.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/46992 | ||
secalert@redhat.com | http://secunia.com/advisories/47244 | ||
secalert@redhat.com | http://secunia.com/advisories/49140 | ||
secalert@redhat.com | http://secunia.com/advisories/49373 | ||
secalert@redhat.com | http://secunia.com/advisories/49392 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/50692 | ||
secalert@redhat.com | http://secunia.com/advisories/60799 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1027068 | Patch, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2473 | Third Party Advisory | |
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2487 | Third Party Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
secalert@redhat.com | http://www.libreoffice.org/advisories/cve-2012-1149/ | Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 | Broken Link | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 | Broken Link | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2012-1149.html | Third Party Advisory | |
secalert@redhat.com | http://www.osvdb.org/81988 | Broken Link | |
secalert@redhat.com | http://www.securityfocus.com/bid/53570 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0705.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46992 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/47244 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49140 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49373 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49392 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50692 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1027068 | Patch, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2473 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2487 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/advisories/cve-2012-1149/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:090 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:091 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2012-1149.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/81988 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53570 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75692 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
redhat | enterprise_linux | 5.0 | |
redhat | enterprise_linux_desktop | 5.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server_aus | 6.2 | |
redhat | enterprise_linux_server_eus | 6.2.z | |
redhat | enterprise_linux_workstation | 6.0 | |
apache | openoffice.org | 3.3.0 | |
apache | openoffice.org | 3.4 | |
fedoraproject | fedora | 15 | |
fedoraproject | fedora | 16 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "585580A6-807B-4D69-A26A-587163E135AC", "versionEndIncluding": "3.5.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*", "matchCriteriaId": "BE3115B4-5DF0-415B-83D9-CC460AF75586", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice.org:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9388F8D9-CAE1-4F03-8E0A-467597C69F6E", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:apache:openoffice.org:3.4:beta:*:*:*:*:*:*", "matchCriteriaId": "092CAB2F-42F4-4F2D-AA1A-926DBBA93A91", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*", "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Un desbordamiento de entero en el m\u00f3dulo de vclmi.dll en OpenOffice.org (OOo) v3.3, v3.4 Beta, y posiblemente en versiones anteriores, y LibreOffice antes de v3.5.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un objeto de imagen especificamente modificado para este fin incrustado en el documento, tal y como lo demuestra una imagen JPEG en un archivo .DOC, que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap)." 
} ], "id": "CVE-2012-1149", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-06-21T15:55:11.537", "references": [ { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/46992" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/47244" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/49140" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/49373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49392" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/50692" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": 
"http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1027068" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2473" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/cve-2012-1149/" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-1149.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/81988" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/53570" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0089.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081319.html" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0705.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/46992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/47244" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/49140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/49373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/49392" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1027068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2473" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2487" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/cve-2012-1149/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-1149.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/81988" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/53570" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75692" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2018-6871)
Published
2018-02-09 06:29
Modified
2024-11-21 04:11
Summary
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0418 | Third Party Advisory | |
cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0517 | Third Party Advisory | |
cve@mitre.org | https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5&id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a | Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure | Exploit, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3579-1/ | Third Party Advisory | |
cve@mitre.org | https://www.debian.org/security/2018/dsa-4111 | Third Party Advisory | |
cve@mitre.org | https://www.exploit-db.com/exploits/44022/ | Exploit, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0418 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0517 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5&id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3579-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2018/dsa-4111 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44022/ | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 6.0.0 | |
libreoffice | libreoffice | 6.0.0 | |
libreoffice | libreoffice | 6.0.0 | |
libreoffice | libreoffice | 6.0.0 | |
debian | debian_linux | 9.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 17.10 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_aus | 7.4 | |
redhat | enterprise_linux_server_aus | 7.6 | |
redhat | enterprise_linux_server_eus | 7.4 | |
redhat | enterprise_linux_server_eus | 7.5 | |
redhat | enterprise_linux_server_eus | 7.6 | |
redhat | enterprise_linux_server_tus | 7.4 | |
redhat | enterprise_linux_server_tus | 7.6 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "E94BCF92-C150-4A7B-B390-5D76F2B996B5", "versionEndExcluding": "5.4.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1CE7ADC9-BCB5-4D11-9ACE-A4ACB0C9D3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "FAD1BF6C-5899-4875-ABC0-91D909E63F87", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "378C04CA-5D54-4581-B26A-0BA7246EE0AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "22319235-9C33-40F3-A07F-EF1DD9CECB4C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { 
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, 
which use the COM.MICROSOFT.WEBSERVICE function." }, { "lang": "es", "value": "LibreOffice, en versiones anteriores a la 5.4.5 y versiones 6.x anteriores a la 6.0.1, permite que atacantes remotos lean archivos arbitrarios mediante llamadas =WEBSERVICE en un documento, que emplea la funci\u00f3n COM.MICROSOFT.WEBSERVICE." } ], "id": "CVE-2018-6871", "lastModified": "2024-11-21T04:11:20.230", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-09T06:29:00.303", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a" }, { "source": "cve@mitre.org", 
"tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3579-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4111" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44022/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5\u0026id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3579-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44022/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/" } ], "sourceIdentifier": 
"cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2020-12801)
Published
2020-05-18 15:15
Modified
2024-11-21 05:00
Summary
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then in affected versions of LibreOffice subsequent saves of the document are unencrypted by default. This may lead to a user accidentally saving an MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.
References
Source | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
opensuse | leap | 15.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "D93FE67E-A0D5-423E-9A57-D533F674799B", "versionEndExcluding": "6.3.6", "versionStartIncluding": "6.3.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD0506ED-80A9-4C34-8DB9-B79A57E506E5", "versionEndExcluding": "6.4.3", "versionStartIncluding": "6.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice\u0027s default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3." }, { "lang": "es", "value": "Si LibreOffice presenta un documento encriptado abierto y se bloquea, ese documento se guarda autom\u00e1ticamente encriptado. Al reiniciar, LibreOffice ofrece restaurar el documento y pide la contrase\u00f1a para desencriptarlo. Si la recuperaci\u00f3n es exitosa, y si el formato de archivo del documento recuperado no era el formato de archivo ODF predeterminado de LibreOffice, entonces las versiones afectadas predeterminadas de LibreOffice que guarden posteriormente el documento est\u00e1n sin cifrar. 
Esto puede conllevar a que un usuario guarde accidentalmente un documento de formato de archivo MSOffice sin cifrar mientras cree que est\u00e1 cifrado. Este problema afecta: LibreOffice serie 6-3 versiones de anteriores a 6.3.6; serie 6-4 versiones anteriores a 6.4.3." } ], "id": "CVE-2020-12801", "lastModified": "2024-11-21T05:00:19.003", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-05-18T15:15:11.003", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-311" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-312" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-01-07 18:15
Modified
2024-11-21 03:56
Severity ?
Summary
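The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic; that is, the validation logic does not react to content appended after signing. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader. Note: in the configuration data below, the operating-system entries (microsoft windows, linux linux_kernel, apple macos) carry "vulnerable": false and sit inside AND nodes, so they describe the platform the listed PDF applications run on rather than affected products. The CPE list also names foxit_reader 9.4 and phantompdf 8.3.9 themselves, whereas this summary says "before" those versions, so confirm the fixed releases against the vendor bulletin.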
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://pdf-insecurity.org/signature/evaluation_2018.html | Third Party Advisory | |
cve@mitre.org | https://pdf-insecurity.org/signature/signature.html | Third Party Advisory | |
cve@mitre.org | https://www.foxitsoftware.com/support/security-bulletins.php | Vendor Advisory | |
cve@mitre.org | https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://pdf-insecurity.org/signature/evaluation_2018.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://pdf-insecurity.org/signature/signature.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.foxitsoftware.com/support/security-bulletins.php | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
code-industry | master_pdf_editor | 5.1.12 | |
code-industry | master_pdf_editor | 5.1.68 | |
foxitsoftware | foxit_reader | 9.4 | |
foxitsoftware | phantompdf | * | |
foxitsoftware | phantompdf | 8.3.9 | |
gonitro | nitro_pro | 11.0.3.173 | |
gonitro | nitro_reader | 5.5.9.2 | |
iskysoft | pdf_editor_6 | 6.4.2.3521 | |
iskysoft | pdfelement6 | 6.8.0.3523 | |
iskysoft | pdfelement6 | 6.8.4.3921 | |
libreoffice | libreoffice | 6.0.6.2 | |
libreoffice | libreoffice | 6.1.3.2 | |
nuance | power_pdf_standard | 3.0.0.17 | |
nuance | power_pdf_standard | 3.0.0.30 | |
nuance | power_pdf_standard | 7.0 | |
qoppa | pdf_studio | 12.0.7 | |
qoppa | pdf_studio_viewer_2018 | 2018.0.1 | |
qoppa | pdf_studio_viewer_2018 | 2018.2.0 | |
soft-xpansion | perfect_pdf_10 | 10.0.0.1 | |
soft-xpansion | perfect_pdf_reader | 13.0.3 | |
soft-xpansion | perfect_pdf_reader | 13.1.5 | |
microsoft | windows | - | |
code-industry | master_pdf_editor | 5.1.12 | |
code-industry | master_pdf_editor | 5.1.68 | |
foxitsoftware | foxit_reader | 9.1.0 | |
foxitsoftware | foxit_reader | 9.2.0 | |
libreoffice | libreoffice | 6.0.6.2 | |
libreoffice | libreoffice | 6.1.3.2 | |
qoppa | pdf_studio | 12.0.7 | |
qoppa | pdf_studio_viewer_2018 | 2018.0.1 | |
qoppa | pdf_studio_viewer_2018 | 2018.2.0 | |
linux | linux_kernel | - | |
code-industry | master_pdf_editor | 5.1.24 | |
code-industry | master_pdf_editor | 5.1.68 | |
foxitsoftware | foxit_reader | 9.1.0 | |
foxitsoftware | foxit_reader | 9.2.0 | |
iskysoft | pdf_editor_6 | 6.6.2.3315 | |
iskysoft | pdf_editor_6 | 6.7.6.3399 | |
iskysoft | pdfelement6 | 6.7.1.3355 | |
iskysoft | pdfelement6 | 6.7.6.3399 | |
libreoffice | libreoffice | 6.1.0.3 | |
libreoffice | libreoffice | 6.1.3.2 | |
qoppa | pdf_studio | 12.0.7 | |
qoppa | pdf_studio_viewer_2018 | 2018.0.1 | |
qoppa | pdf_studio_viewer_2018 | 2018.2.0 | |
apple | macos | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "2E15C7D9-4587-4C0B-8E97-F2967C345164", "vulnerable": true }, { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.68:*:*:*:*:*:*:*", "matchCriteriaId": "6DB1198D-3C50-4112-8FBD-80BAEC085962", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:9.4:*:*:*:*:*:*:*", "matchCriteriaId": "8205B855-D8D6-44AB-99F8-B9773854F3CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:phantompdf:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE7DA80D-4E97-442A-9C55-43E579C54E9E", "versionEndExcluding": "9.4", "versionStartIncluding": "9.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:phantompdf:8.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B951C818-618B-4E28-8882-64083FD31F08", "vulnerable": true }, { "criteria": "cpe:2.3:a:gonitro:nitro_pro:11.0.3.173:*:*:*:*:*:*:*", "matchCriteriaId": "7DFA95E4-9780-4B0A-9996-95A257C8DE99", "vulnerable": true }, { "criteria": "cpe:2.3:a:gonitro:nitro_reader:5.5.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0A3796-4436-4706-A25C-04745B10D6DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.4.2.3521:*:*:*:professional:*:*:*", "matchCriteriaId": "9796785E-F5A4-4EB9-AE4C-3296449F0A27", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.8.0.3523:*:*:*:professional:*:*:*", "matchCriteriaId": "C6FE27B0-5187-441A-8824-211838C71F3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.8.4.3921:*:*:*:professional:*:*:*", "matchCriteriaId": "950C35B2-1B7F-495F-9947-0E992329954B", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D3CC1399-3DEF-4385-8B71-3F11DA88F331", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "699BE7A2-190A-43AC-9C63-4C8484FA465C", "vulnerable": true }, { 
"criteria": "cpe:2.3:a:nuance:power_pdf_standard:3.0.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "231818D4-C87B-4B0E-9ADD-B1332B92273D", "vulnerable": true }, { "criteria": "cpe:2.3:a:nuance:power_pdf_standard:3.0.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "F8E33DF5-2430-4AFC-A725-08FBD20C6749", "vulnerable": true }, { "criteria": "cpe:2.3:a:nuance:power_pdf_standard:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D8BE4D0-7106-47CA-9ADB-F4350CE2A527", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio:12.0.7:*:*:*:professional:*:*:*", "matchCriteriaId": "8944C809-795C-4F8F-A593-988B529F08B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F47F57CB-769C-4ED3-91A4-D6489A8DD432", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0F12D65-A39B-4F36-A219-1AEDD968C9D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:soft-xpansion:perfect_pdf_10:10.0.0.1:*:*:*:premium:*:*:*", "matchCriteriaId": "F094FAF3-15CB-4481-9B86-61EABB82AAF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:soft-xpansion:perfect_pdf_reader:13.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A4F28BFA-F77A-4282-AA60-E25436AF98D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:soft-xpansion:perfect_pdf_reader:13.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E808A140-D375-4BE2-9EF1-4A17634ADAC2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "2E15C7D9-4587-4C0B-8E97-F2967C345164", "vulnerable": true }, { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.68:*:*:*:*:*:*:*", "matchCriteriaId": 
"6DB1198D-3C50-4112-8FBD-80BAEC085962", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "07844440-3F26-40E1-A747-4642FBA9A9FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4B8E8F6D-8560-42D6-AED5-91D0570A4A13", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D3CC1399-3DEF-4385-8B71-3F11DA88F331", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "699BE7A2-190A-43AC-9C63-4C8484FA465C", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio:12.0.7:*:*:*:professional:*:*:*", "matchCriteriaId": "8944C809-795C-4F8F-A593-988B529F08B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F47F57CB-769C-4ED3-91A4-D6489A8DD432", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0F12D65-A39B-4F36-A219-1AEDD968C9D9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "3B32744C-FC60-4E12-AF11-69D146A7F6A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:code-industry:master_pdf_editor:5.1.68:*:*:*:*:*:*:*", "matchCriteriaId": "6DB1198D-3C50-4112-8FBD-80BAEC085962", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:9.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "07844440-3F26-40E1-A747-4642FBA9A9FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:foxitsoftware:foxit_reader:9.2.0:*:*:*:*:*:*:*", 
"matchCriteriaId": "4B8E8F6D-8560-42D6-AED5-91D0570A4A13", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.6.2.3315:*:*:*:professional:*:*:*", "matchCriteriaId": "80241CB1-3BC7-4572-92A4-E348C50FAE9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.7.6.3399:*:*:*:professional:*:*:*", "matchCriteriaId": "8336F6DF-0677-4AED-B062-0E7957A7A293", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.7.1.3355:*:*:*:professional:*:*:*", "matchCriteriaId": "1D3941F4-B294-4E22-A6FF-CF3085DF6C89", "vulnerable": true }, { "criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.7.6.3399:*:*:*:professional:*:*:*", "matchCriteriaId": "1A3DB79B-12A7-4E55-9499-36EED6688382", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F0657DEE-5DB0-487A-BA8F-7341C5004700", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:6.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "699BE7A2-190A-43AC-9C63-4C8484FA465C", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio:12.0.7:*:*:*:professional:*:*:*", "matchCriteriaId": "8944C809-795C-4F8F-A593-988B529F08B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F47F57CB-769C-4ED3-91A4-D6489A8DD432", "vulnerable": true }, { "criteria": "cpe:2.3:a:qoppa:pdf_studio_viewer_2018:2018.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0F12D65-A39B-4F36-A219-1AEDD968C9D9", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. 
Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader." }, { "lang": "es", "value": "La especificaci\u00f3n Portable Document Format (PDF) no proporciona ninguna informaci\u00f3n sobre el procedimiento concreto de c\u00f3mo comprobar las firmas.\u0026#xa0;En consecuencia, se presenta una vulnerabilidad de Ahorro Incremental en varios productos.\u0026#xa0;Cuando un atacante usa la funci\u00f3n Ahorro Incremental para agregar p\u00e1ginas o anotaciones, las actualizaciones del cuerpo se muestran al usuario sin que la l\u00f3gica de comprobaci\u00f3n de firmas realice ninguna acci\u00f3n.\u0026#xa0;Esto afecta a Foxit Reader versiones anteriores a 9.4 y PhantomPDF versiones anteriores a 8.3.9 y versiones 9.x anteriores a 9.4.\u0026#xa0;Tambi\u00e9n afecta a LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium y Perfect PDF Reader" } ], "id": "CVE-2018-18688", "lastModified": "2024-11-21T03:56:22.390", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, 
"obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-01-07T18:15:12.497", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://pdf-insecurity.org/signature/evaluation_2018.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://pdf-insecurity.org/signature/signature.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.foxitsoftware.com/support/security-bulletins.php" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://pdf-insecurity.org/signature/evaluation_2018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://pdf-insecurity.org/signature/signature.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.foxitsoftware.com/support/security-bulletins.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", 
"value": "CWE-347" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-07-25 15:15
Modified
2024-11-21 06:53
Severity ?
Summary
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading the user to execute arbitrary code contained in improperly trusted macros. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. Note: the CPE configuration below marks the 7.3 series as vulnerable from 7.3.0 up to, but excluding, 7.3.2, which differs from the 7.3.1 boundary stated here; check the vendor advisory for the fixed release before relying on either range.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "20BCBB73-64D6-44F0-8B7F-F94269E9EEDA", "versionEndExcluding": "7.2.7", "versionStartIncluding": "7.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "2EF12C7E-78D4-435E-BF1C-55F13566DD1D", "versionEndExcluding": "7.3.2", "versionStartIncluding": "7.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1." }, { "lang": "es", "value": "Una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Certificados en LibreOffice en la que la determinaci\u00f3n de si una macro estaba firmada por un autor confiable al comparar \u00fanicamente el n\u00famero de serie y la cadena del emisor del certificado usado con los de un certificado confiable. Esto no es suficiente para verificar que la macro fue realmente firmada con el certificado. 
Por lo tanto, un adversario podr\u00eda crear un certificado arbitrario con un n\u00famero de serie y una cadena de emisor id\u00e9nticos a los de un certificado confiable, que LibreOffice presentar\u00eda como pertenecientes al autor confiable, lo que podr\u00eda conllevar que el usuario ejecutara c\u00f3digo arbitrario contenido en macros no debidamente confiables. Este problema afecta a: The Document Foundation LibreOffice versiones 7.2 anteriores a 7.2.7; versiones 7.3 anteriores a 7.3.1" } ], "id": "CVE-2022-26305", "lastModified": "2024-11-21T06:53:43.437", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-07-25T15:15:09.303", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-295" } ], 
"source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-07-08 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
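Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. Note: the record below classifies this weakness as CWE-20 rather than a use-after-free class such as CWE-416, so CWE-based filtering for memory-safety issues may not surface it. Its CVSS v2 and v3.0 entries also differ on attack vector (NETWORK in v2, LOCAL in v3.0), and both mark user interaction as required.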
References
▶ | URL | Tags | |
---|---|---|---|
cret@cert.org | http://www.debian.org/security/2016/dsa-3608 | ||
cret@cert.org | http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ | Vendor Advisory | |
cret@cert.org | http://www.securityfocus.com/bid/91499 | ||
cret@cert.org | http://www.securitytracker.com/id/1036209 | ||
cret@cert.org | http://www.talosintelligence.com/reports/TALOS-2016-0126/ | ||
cret@cert.org | http://www.ubuntu.com/usn/USN-3022-1 | ||
cret@cert.org | https://security.gentoo.org/glsa/201611-03 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3608 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91499 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036209 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.talosintelligence.com/reports/TALOS-2016-0126/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3022-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201611-03 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 8.0 | |
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 15.10 | |
canonical | ubuntu_linux | 16.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "251A60A9-8197-48C8-96B0-933953884FAF", "versionEndIncluding": "5.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens." }, { "lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en LibreOffice en versiones anteriores a 5.1.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo RTF manipulado, relacionado con los tokens stylesheet y superscript." 
} ], "id": "CVE-2016-4324", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-07-08T19:59:00.143", "references": [ { "source": "cret@cert.org", "url": "http://www.debian.org/security/2016/dsa-3608" }, { "source": "cret@cert.org", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/91499" }, { "source": "cret@cert.org", "url": "http://www.securitytracker.com/id/1036209" }, { "source": "cret@cert.org", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" }, { "source": "cret@cert.org", "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201611-03" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3608" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/91499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036209" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201611-03" } ], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-08-15 22:15
Modified
2024-11-21 04:52
Severity ?
Summary
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open, etc. Access is intended to be restricted to scripts under the share/Scripts/python and user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However, this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed URL describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Aug/28 | Issue Tracking, Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Sep/17 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/28 | Issue Tracking, Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/17 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4102-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4501 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852 | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 29 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "32F74064-7FE4-4BB6-86BB-83AE52D38E87", "versionEndExcluding": "6.2.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. 
Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could be bypassed by a URL encoding attack. In the fixed versions, the parsed url describing the script location is correctly encoded before further processing. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6." }, { "lang": "es", "value": "LibreOffice est\u00e1 com\u00fanmente incorporada con LibreLogo, un script de gr\u00e1ficos espec\u00edficos turtle programables, lo que puede ejecutar comandos arbitrarios de python contenidos con el documento desde que se inicia. Se agreg\u00f3 protecci\u00f3n, para abordar el CVE-2019-9848, para bloquear las llamadas a LibreLogo desde los manejadores de script de eventos de documentos, p. ej. mouse over. Sin embargo, LibreOffice tambi\u00e9n presenta una funcionalidad separada en la que los documentos pueden especificar que los scripts preinstalados pueden ser ejecutados en varios eventos de script globales, tales como document-open, etc. 
Este problema afecta: Document Foundation LibreOffice versiones anteriores a 6.2.6" } ], "id": "CVE-2019-9852", "lastModified": "2024-11-21T04:52:26.423", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-08-15T22:15:22.350", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "security@documentfoundation.org", "tags": [ "Issue Tracking", "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "security@documentfoundation.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4102-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-116" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-03-25 18:29
Modified
2024-11-21 03:53
Severity ?
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
It was found that LibreOffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document which, when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html | ||
secalert@redhat.com | http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec | Third Party Advisory | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2019:2130 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://seclists.org/bugtraq/2019/Aug/28 | ||
secalert@redhat.com | https://www.exploit-db.com/exploits/46727/ | Exploit, Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2130 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Aug/28 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/46727/ | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3962F032-670C-45E8-8AF4-0D3CF08D7D3F", "versionEndExcluding": "6.0.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E9BC0F2-B5E0-4AE8-B5CD-B360A97D4273", "versionEndExcluding": "6.1.3", "versionStartIncluding": "6.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location." }, { "lang": "es", "value": "Se ha observado que libreoffice en versiones anteriores a la 6.0.7 y 6.1.3 era vulnerable a ataques de salto de directorio que podr\u00edan ser usados para ejecutar macros arbitrarios incluidos en un documento. Un atacante podr\u00eda manipular un documento que, al ser abierto por LibreOffice, ejecute un m\u00e9todo Python desde un script en cualquier ubicaci\u00f3n arbitrara del sistema de archivos, especificada de forma relativa a la ubicaci\u00f3n de instalaci\u00f3n de LibreOffice." 
} ], "id": "CVE-2018-16858", "lastModified": "2024-11-21T03:53:27.727", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-03-25T18:29:00.463", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "source": 
"secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "source": "secalert@redhat.com", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/46727/" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/46727/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-356" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-10-12 14:15
Modified
2024-11-21 05:55
Severity ?
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids indicating that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing-time timestamp, which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://www.debian.org/security/2021/dsa-4988 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4988 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
debian | debian_linux | 11.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CF22E51-8E68-4B58-8AB3-D326C1097E3E", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA884385-2527-4F68-9FD5-67ECD9A89F42", "versionEndExcluding": "7.1.2", "versionStartIncluding": "7.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2." }, { "lang": "es", "value": "LibreOffice soporta firmas digitales de documentos ODF y macros dentro de documentos, presentando ayudas visuales de que no se ha producido ninguna alteraci\u00f3n del documento desde la \u00faltima firma y que la firma es v\u00e1lida. Una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Certificados en LibreOffice permit\u00eda a un atacante modificar un documento ODF firmado digitalmente para insertar una marca de tiempo de firma adicional que LibreOffice presentar\u00eda incorrectamente como una firma v\u00e1lida firmada en la hora de firma falsa. 
Este problema afecta a: Las versiones de LibreOffice 7-0 de The Document Foundation anteriores a 7.0.6; las versiones 7-1 anteriores a 7.1.2" } ], "id": "CVE-2021-25634", "lastModified": "2024-11-21T05:55:11.250", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-10-12T14:15:08.290", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4988" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4988" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634" } ], "sourceIdentifier": "security@documentfoundation.org", 
"vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "security@documentfoundation.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-12-20 14:15
Modified
2024-11-21 01:45
Severity ?
Summary
LibreOffice and OpenOffice automatically open embedded content
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/12/14/1 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2023/12/28/6 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2024/01/03/6 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2024/01/03/7 | ||
secalert@redhat.com | https://access.redhat.com/security/cve/cve-2012-5639 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E | ||
secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2012-5639 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/12/14/1 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/12/28/6 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/01/03/6 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/01/03/7 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2012-5639 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2012-5639 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | - | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
apache | openoffice | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A07A145-D665-462B-9883-7608D6DEFB21", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:-:*:*:*:*:*:*:*", "matchCriteriaId": "7353C05F-9ED3-453A-91F4-87EAB1B276DB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice and OpenOffice automatically open embedded content" }, { "lang": "es", "value": "LibreOffice y OpenOffice abren autom\u00e1ticamente el contenido insertado." 
} ], "id": "CVE-2012-5639", "lastModified": "2024-11-21T01:45:01.327", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-12-20T14:15:11.400", "references": [ { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/14/1" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2023/12/28/6" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/6" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/7" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/cve-2012-5639" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639" }, { "source": "secalert@redhat.com", "url": 
"https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2012-5639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/14/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2023/12/28/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/01/03/7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/cve-2012-5639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security-tracker.debian.org/tracker/CVE-2012-5639" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-668" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-06 19:15
Modified
2024-11-21 04:52
Severity ?
Summary
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open, etc. Access is intended to be restricted to scripts under the share/Scripts/python and user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However, this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed-in path, as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Third Party Advisory | |
security@documentfoundation.org | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html | Third Party Advisory | |
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Third Party Advisory | |
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/ | ||
security@documentfoundation.org | https://seclists.org/bugtraq/2019/Sep/17 | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://usn.ubuntu.com/4138-1/ | Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2019/dsa-4519 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/ | Vendor Advisory | |
nvd@nist.gov | https://bugzilla.redhat.com/show_bug.cgi?id=1769907 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/17 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4138-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2019/dsa-4519 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/ | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * | |
libreoffice | libreoffice | * | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 29 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
redhat | enterprise_linux | 7.0 | |
redhat | enterprise_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C5282A5-6EF5-4458-A35E-F688C6751B37", "versionEndExcluding": "6.2.7", "versionStartIncluding": "6.2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F9A03CA-E4B2-4935-9E97-A5772DC4DE93", "versionEndExcluding": "6.3.1", "versionStartIncluding": "6.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1." }, { "lang": "es", "value": "LibreOffice presenta una funcionalidad en la que los documentos pueden especificar que las macros preinstaladas puedan ser ejecutadas sobre varios eventos de script, tales como mouse-over, document-open, etc. El acceso est\u00e1 previsto a restringirse para scripts bajo los subdirectorios share/Scripts/python, user/Scripts/python de la instalaci\u00f3n de LibreOffice. La protecci\u00f3n fue agregada, para abordar el CVE-2019-9852, para evitar un ataque de salto de directorio donde puedan ser ejecutados scripts en ubicaciones arbitrarias sobre el sistema de archivos mediante el empleo de un ataque de codificaci\u00f3n de la URL para vencer el paso de comprobaci\u00f3n de ruta. 
Sin embargo, esta protecci\u00f3n podr\u00eda ser omitida tomando ventaja de un fallo en la manera en que LibreOffice ensambl\u00f3 la ubicaci\u00f3n final de la URL del script directamente desde los componentes de la ruta pasada en lugar de \u00fanicamente desde la salida saneada del paso de comprobaci\u00f3n de ruta. Este problema afecta a: Document Foundation LibreOffice versiones 6.2 anteriores a 6.2.7; versiones 6.3 anteriores a 6.3.1." } ], "id": "CVE-2019-9854", "lastModified": "2024-11-21T04:52:26.700", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-06T19:15:11.997", "references": [ { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "source": 
"security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "security@documentfoundation.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4138-1/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "source": "nvd@nist.gov", "tags": [ "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party 
Advisory" ], "url": "https://usn.ubuntu.com/4138-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-06-17 03:41
Modified
2025-04-11 00:51
Severity ?
Summary
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/ | Release Notes | |
secalert@redhat.com | http://librdf.org/raptor/RELEASE.html#rel2_0_7 | Release Notes | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html | Mailing List | |
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html | Mailing List | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0410.html | Third Party Advisory | |
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0411.html | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48479 | Broken Link, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48493 | Broken Link, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48494 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/48526 | Broken Link, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48529 | Broken Link, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48542 | Broken Link, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48649 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/50692 | Broken Link | |
secalert@redhat.com | http://secunia.com/advisories/60799 | Broken Link | |
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
secalert@redhat.com | http://vsecurity.com/resources/advisory/20120324-1/ | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2438 | Third Party Advisory | |
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
secalert@redhat.com | http://www.libreoffice.org/advisories/CVE-2012-0037/ | Vendor Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 | Broken Link | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:062 | Broken Link | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:063 | Broken Link | |
secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2012-0037.html | Mitigation, Patch | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/27/4 | Exploit, Mailing List | |
secalert@redhat.com | http://www.osvdb.org/80307 | Broken Link | |
secalert@redhat.com | http://www.securityfocus.com/bid/52681 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.securitytracker.com/id?1026837 | Broken Link, Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/74235 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0 | Patch | |
secalert@redhat.com | https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E | Mailing List, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/ | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | http://librdf.org/raptor/RELEASE.html#rel2_0_7 | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0410.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0411.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48479 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48493 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48494 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48526 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48529 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48542 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48649 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50692 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60799 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-05.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://vsecurity.com/resources/advisory/20120324-1/ | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2438 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.libreoffice.org/advisories/CVE-2012-0037/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:062 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:063 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2012-0037.html | Mitigation, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/27/4 | Exploit, Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/80307 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52681 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026837 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/74235 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E | Mailing List, Patch |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
librdf | raptor | * | |
libreoffice | libreoffice | * | |
libreoffice | libreoffice | 3.5.0 | |
apache | openoffice | 3.3.0 | |
apache | openoffice | 3.4.0 | |
fedoraproject | fedora | 16 | |
fedoraproject | fedora | 17 | |
redhat | gluster_storage_server_for_on-premise | 2.0 | |
redhat | storage | 2.0 | |
redhat | storage_for_public_cloud | 2.0 | |
redhat | enterprise_linux_desktop | 5.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_eus | 6.2 | |
redhat | enterprise_linux_server | 5.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server_aus | 6.2 | |
redhat | enterprise_linux_workstation | 5.0 | |
redhat | enterprise_linux_workstation | 6.0 | |
debian | debian_linux | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:librdf:raptor:*:*:*:*:*:*:*:*", "matchCriteriaId": "FAA8084B-D726-4B05-B766-9BCB15B3B84D", "versionEndExcluding": "2.0.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC85B57C-F9E8-4266-A854-480A45ED3C25", "versionEndExcluding": "3.4.6", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EA7346A-7B1F-4887-81D5-DE36F9273E49", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:openoffice:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1A3D8DF-2A27-4054-B748-F8F4B6C013F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:openoffice:3.4.0:beta:*:*:*:*:*:*", "matchCriteriaId": "EBFF2F3E-67EB-4A54-BE16-9A8BC078781A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*", "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*", "matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "59D47E43-886E-4114-96A2-DBE719EA3A89", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "52B90A04-DD6D-4AE7-A0E5-6B381127D507", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0257753-51C3-45F2-BAA4-4C1F2DEAB7A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0554C89-3716-49F3-BFAE-E008D5E4E29C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document." 
}, { "lang": "es", "value": "Redland Raptor (tambi\u00e9n conocido como libraptor) anterior a v2.0.7, utilizado por OpenOffice v3.3 y v3.4 Beta, LibreOffice anterior a v3.4.6 y v3.5.x anterior a v3.5.1, y otros productos, permite a atacantes remotos asistidos por el usuario leer archivos arbitrarios a trav\u00e9s de una declaraci\u00f3n de entidad externa (XXE) en xml y con referencia a un documento RDF." } ], "id": "CVE-2012-0037", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2012-06-17T03:41:40.107", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes" ], "url": "http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/" }, { "source": "secalert@redhat.com", "tags": [ "Release Notes" ], "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48479" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48493" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/48494" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48526" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48529" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48542" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/48649" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50692" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60799" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://vsecurity.com/resources/advisory/20120324-1/" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2438" }, { "source": 
"secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063" }, { "source": "secalert@redhat.com", "tags": [ "Mitigation", "Patch" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/80307" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/52681" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1026837" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Patch" ], "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": 
"http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "http://librdf.org/raptor/RELEASE.html#rel2_0_7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0410.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0411.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48493" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/48494" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48526" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48529" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://secunia.com/advisories/48542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/48649" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/50692" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/60799" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://vsecurity.com/resources/advisory/20120324-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2012/dsa-2438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.libreoffice.org/advisories/CVE-2012-0037/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:063" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Patch" ], "url": "http://www.openoffice.org/security/cves/CVE-2012-0037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/80307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/52681" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken 
Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1026837" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch" ], "url": "https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-11 12:15
Modified
2025-02-13 18:16
Severity ?
8.3 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.
In affected versions, the filename of the embedded video is not sufficiently escaped when passed to GStreamer, enabling an attacker to run arbitrary GStreamer plugins, depending on which plugins are installed on the target system.
References
▶ | URL | Tags | |
---|---|---|---|
security@documentfoundation.org | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
security@documentfoundation.org | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/ | Mailing List, Third Party Advisory | |
security@documentfoundation.org | https://www.debian.org/security/2023/dsa-5574 | Third Party Advisory | |
security@documentfoundation.org | https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/ | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5574 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
libreoffice | libreoffice | * (>= 7.5.0, < 7.5.9) | |
libreoffice | libreoffice | * (>= 7.6.0, < 7.6.3) | |
fedoraproject | fedora | 38 | |
debian | debian_linux | 11.0 | |
debian | debian_linux | 12.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3620339-BFEE-459E-937D-7F785CEE9C9F", "versionEndExcluding": "7.5.9", "versionStartIncluding": "7.5.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "65A10E4B-F7DE-4FA8-8ACB-D1A54CCD408E", "versionEndExcluding": "7.6.3", "versionStartIncluding": "7.6.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.\n\nIn affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system." }, { "lang": "es", "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta en la integraci\u00f3n GStreamer de The Document Foundation LibreOffice permite a un atacante ejecutar complementos GStreamer arbitrarios. 
En las versiones afectadas, el nombre de archivo del v\u00eddeo incrustado no se escapa lo suficiente cuando se pasa a GStreamer, lo que permite a un atacante ejecutar complementos arbitrarios de gstreamer dependiendo de qu\u00e9 complementos est\u00e9n instalados en el sistema de destino." } ], "id": "CVE-2023-6185", "lastModified": "2025-02-13T18:16:06.290", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 6.0, "source": "security@documentfoundation.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-11T12:15:07.037", "references": [ { "source": "security@documentfoundation.org", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "security@documentfoundation.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "source": "security@documentfoundation.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "source": "security@documentfoundation.org", "tags": [ "Vendor Advisory" ], "url": 
"https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" } ], "sourceIdentifier": "security@documentfoundation.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }