Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-6472

Опубликовано: 05 авг. 2024
Источник: debian
EPSS Низкий

Описание

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libreofficefixed4:24.2.5-1package

Примечания

  • https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/

  • https://github.com/LibreOffice/core/commit/da570d9adb324b143ab5a05683fc17a1c90feaec (libreoffice-24-2-5)

  • https://github.com/LibreOffice/core/commit/ee0373b18001dd876eb855e495b59cec0f128f97 (distro/mimo/7-4)

  • https://github.com/LibreOffice/core/commit/2587dbff640e2443f0800f9c1a865723500de1c5 (distro/mimo/7-0)

  • [1/2] https://github.com/LibreOffice/core/commit/47175e935411a2f772adc284474e3c64104f4762 (distro/mimo/6-2)

  • [2/2] https://github.com/LibreOffice/core/commit/b8c9ba427e23e45ef782d6a144f4415cae3c9b13 (distro/mimo/6-2)

EPSS

Процентиль: 4%
0.00022
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-6472

CVSS3: 7.8
ubuntu
около 1 года назад

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

redhat логотип

CVE-2024-6472

CVSS3: 7.8
redhat
около 1 года назад

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

nvd логотип

CVE-2024-6472

CVSS3: 7.8
nvd
около 1 года назад

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

rocky логотип

RLSA-2024:5598

rocky
3 месяца назад

Moderate: libreoffice security update

github логотип

GHSA-w6mm-86qp-2r3q

CVSS3: 7.8
github
около 1 года назад

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

EPSS

Процентиль: 4%
0.00022
Низкий