Описание
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 1:6.0.7-0ubuntu0.18.04.2 |
| cosmic | not-affected | |
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:4.2.8-0ubuntu5.5]] |
| precise/esm | DNE | |
| trusty | released | 1:4.2.8-0ubuntu5.5 |
| trusty/esm | DNE | trusty was released [1:4.2.8-0ubuntu5.5] |
| upstream | needs-triage | |
| xenial | released | 1:5.1.6~rc2-0ubuntu1~xenial6 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...
Security update for LibreOffice and dependency libraries
EPSS
5 Medium
CVSS2
7.5 High
CVSS3