Lucene search
Document Fdn.CVELIST:CVE-2021-25631HistoryApr 15, 2021 - 12:00 a.m.
CVE-2021-25631 denylist of executable filename extensions possible to bypass under windows
2021-04-1500:00:00
CWE-184
Document Fdn.
www.cve.org
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn’t match the denylist but results in ShellExecute attempting to launch an executable type.
CNA Affected
[
{
"platforms": [
"Windows"
],
"product": "LibreOffice",
"vendor": "The Document Foundation",
"versions": [
{
"lessThan": "7.1.2",
"status": "affected",
"version": "7.1",
"versionType": "custom"
},
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
]Related
kaspersky
kaspersky
KLA12151 ACE vulnerability in LibreOffice
2021-04-15 00:00:00
KLA12032 ACE vulnerability in LibreOffice
2021-04-15 00:00:00
debiancve
debiancve
CVE-2021-25631
2021-05-03 12:15:07
alpinelinux
alpinelinux
CVE-2021-25631
2021-05-03 12:15:07
prion
prion
Design/Logic Flaw
2021-05-03 12:15:00
nvd
nvd
CVE-2021-25631
2021-05-03 12:15:07
ubuntucve
ubuntucve
CVE-2021-25631
2021-05-03 00:00:00
cve
cve
CVE-2021-25631
2021-05-03 12:15:07
thn
thn
1-Click Hack Found in Popular Desktop Apps — Check If You're Using Them
2021-04-15 11:09:00