Lucene search
Document Fdn.CVELIST:CVE-2023-2255HistoryMay 25, 2023 - 12:00 a.m.
CVE-2023-2255 Remote documents loaded without prompt via IFrame
2023-05-2500:00:00
CWE-264
Document Fdn.
www.cve.org
cve-2023-2255; remote documents; iframe; improper access control; the document foundation libreoffice; external links; floating frames; inconsistent treatment; version 7.4; version 7.5
Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used “floating frames” linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.
CNA Affected
[
{
"vendor": "The Document Foundation",
"product": "LibreOffice",
"versions": [
{
"version": "7.4",
"status": "affected",
"lessThan": "7.4.7",
"versionType": "custom"
},
{
"version": "7.5",
"status": "affected",
"lessThan": "7.5.3",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-2255
2023-05-25 20:15:09
githubexploit
githubexploit
Exploit for CVE-2023-2255
2023-07-10 20:54:56
Exploit for CVE-2023-2255
2024-04-27 11:21:11
prion
prion
Improper access control
2023-05-25 20:15:00
nessus
nessus
LibreOffice 7.4 < 7.4.7 / 7.5 < 7.5.3 Array Index UnderFlow (Windows)
2023-06-05 00:00:00
LibreOffice 7.4 < 7.4.7 / 7.5 < 7.5.3 Array Index UnderFlow (macOS)
2023-06-05 00:00:00
SUSE SLED12 / SLES12 Security Update : LibreOffice (SUSE-SU-2024:0075-1)
2024-01-11 00:00:00
veracode
veracode
Authorization Bypass
2023-08-07 01:27:44
debiancve
debiancve
CVE-2023-2255
2023-05-25 20:15:09
nvd
nvd
CVE-2023-2255
2023-05-25 20:15:09
redhatcve
redhatcve
CVE-2023-2255
2023-05-26 20:40:53
ubuntucve
ubuntucve
CVE-2023-2255
2023-05-25 00:00:00
osv
osv
libreoffice vulnerabilities
2023-06-07 05:13:10
libreoffice - security update
2023-05-28 00:00:00
libreoffice - security update
2023-08-13 00:00:00
debian
debian
[SECURITY] [DSA 5415-1] libreoffice security update
2023-05-28 15:25:12
[SECURITY] [DLA 3526-1] libreoffice security update
2023-08-13 16:32:01
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0194)
2023-06-09 00:00:00
Ubuntu: Security Advisory (USN-6144-1)
2023-06-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0075-1)
2024-01-11 00:00:00
gentoo
gentoo
LibreOffice: Multiple Vulnerabilities
2023-11-26 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2023-06-07 00:00:00
kaspersky
kaspersky
KLA49330 Multiple vulnerabilities in LibreOffice
2023-05-24 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2023-06-08 22:34:59
redos
redos
ROS-20230830-01
2023-08-30 00:00:00
redhat
redhat
(RHSA-2023:6508) Moderate: libreoffice security update
2023-11-07 06:07:28
(RHSA-2023:6933) Moderate: libreoffice security update
2023-11-14 08:40:48
almalinux
almalinux
Moderate: libreoffice security update
2023-11-07 00:00:00
Moderate: libreoffice security update
2023-11-14 00:00:00
oraclelinux
oraclelinux
libreoffice security update
2023-11-17 00:00:00
libreoffice security update
2023-11-11 00:00:00