Описание
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows-only |
| devel | not-affected | 1:7.2.1-0ubuntu3 |
| esm-infra/focal | not-affected | windows-only |
| focal | not-affected | windows-only |
| hirsute | not-affected | 1:7.1.6-0ubuntu0.21.04.1 |
| impish | not-affected | 1:7.2.1-0ubuntu3 |
| jammy | not-affected | 1:7.2.1-0ubuntu3 |
| trusty | ignored | end of standard support |
| upstream | not-affected | debian: Only affects Microsoft Crypto API back-end |
| xenial | ignored | end of standard support |
Показывать по
EPSS
Связанные уязвимости
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
An Improper Certificate Validation vulnerability in LibreOffice allowe ...
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
Уязвимость пакета офисных программ LibreOffice, связанная с ошибками проверки криптографической подписи, позволяющая нарушителю проводить спуфинг атаки
EPSS