Количество 13
Количество 13
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle ...
GHSA-2rm2-3r73-2vfr
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
BDU:2019-03148
Уязвимость программного модуля LibreLogo пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код в целевой системе
openSUSE-SU-2019:2057-1
Security update for libreoffice
SUSE-SU-2019:2231-1
Security update for libreoffice
ELSA-2020-1598
ELSA-2020-1598: libreoffice security and bug fix update (MODERATE)
openSUSE-SU-2019:2183-1
Security update for libreoffice
SUSE-SU-2019:2402-1
Security update for libreoffice
SUSE-SU-2019:2401-1
Security update for libreoffice
ELSA-2020-1151
ELSA-2020-1151: libreoffice security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | CVSS3: 9.8 | 86% Высокий | больше 6 лет назад |
 | CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | CVSS3: 7.8 | 86% Высокий | больше 6 лет назад |
 | CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | CVSS3: 9.8 | 86% Высокий | больше 6 лет назад |
| CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle ... | CVSS3: 9.8 | 86% Высокий | больше 6 лет назад |
| GHSA-2rm2-3r73-2vfr LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6. | CVSS3: 9.8 | 86% Высокий | больше 3 лет назад |
 | BDU:2019-03148 Уязвимость программного модуля LibreLogo пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код в целевой системе | CVSS3: 8.8 | 86% Высокий | больше 6 лет назад |
 | openSUSE-SU-2019:2057-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2231-1 Security update for libreoffice | больше 6 лет назад | ||
| ELSA-2020-1598 ELSA-2020-1598: libreoffice security and bug fix update (MODERATE) | почти 6 лет назад | ||
| openSUSE-SU-2019:2183-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2402-1 Security update for libreoffice | больше 6 лет назад | ||
| SUSE-SU-2019:2401-1 Security update for libreoffice | больше 6 лет назад | ||
| ELSA-2020-1151 ELSA-2020-1151: libreoffice security and bug fix update (MODERATE) | почти 6 лет назад |
Уязвимостей на страницу