CVE-2018-6871

Опубликовано: 09 фев. 2018

Источник: debian

EPSS Средний

Описание

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libreoffice	fixed	1:6.0.1-1		package
libreoffice	not-affected		wheezy	package

Примечания

https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

EPSS

Процентиль: 97%

0.4268

Средний

Связанные уязвимости

CVE-2018-6871

CVSS3: 9.8

ubuntu

почти 8 лет назад

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

CVE-2018-6871

CVSS3: 4.7

redhat

почти 8 лет назад

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

CVE-2018-6871

CVSS3: 9.8

nvd

почти 8 лет назад

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

openSUSE-SU-2018:0446-1

suse-cvrf

почти 8 лет назад

Security update for libreoffice

SUSE-SU-2018:0443-1

suse-cvrf

почти 8 лет назад

Security update for libreoffice

EPSS

Процентиль: 97%

0.4268

Средний