Количество 10
Количество 10
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle ...
GHSA-873f-q5vx-w7hm
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.
BDU:2019-03247
Уязвимость программного модуля LibreLogo пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код в целевой системе
openSUSE-SU-2019:2361-1
Security update for libreoffice
SUSE-SU-2019:2686-1
Security update for libreoffice
openSUSE-SU-2019:2183-1
Security update for libreoffice
SUSE-SU-2019:2402-1
Security update for libreoffice
SUSE-SU-2019:2401-1
Security update for libreoffice
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-9855 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1. | CVSS3: 9.8 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-9855 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1. | CVSS3: 9.8 | 1% Низкий | больше 6 лет назад |
| CVE-2019-9855 LibreOffice is typically bundled with LibreLogo, a programmable turtle ... | CVSS3: 9.8 | 1% Низкий | больше 6 лет назад |
| GHSA-873f-q5vx-w7hm LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1. | CVSS3: 9.8 | 1% Низкий | больше 3 лет назад |
 | BDU:2019-03247 Уязвимость программного модуля LibreLogo пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код в целевой системе | CVSS3: 9.8 | 1% Низкий | больше 6 лет назад |
 | openSUSE-SU-2019:2361-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2686-1 Security update for libreoffice | больше 6 лет назад | ||
| openSUSE-SU-2019:2183-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2402-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2401-1 Security update for libreoffice | больше 6 лет назад |
Уязвимостей на страницу