KLA11407ACE vulnerability in LibreOffice

2019-02-01T00:00:00
ID KLA11407
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

02/01/2019

Severity:

Critical

Description:

A directory traversal vulnerability were found in LibreOffice. Malicious users can exploit this vulnerability remotely via specially crafted document to execute arbitrary code.

Affected products:

LibreOffice 6.0.x earlier than 6.0.7
LibreOffice 6.1.x earlier than 6.1.3

Solution:

Update to the latest version
Download LibreOffice

Original advisories:

CVE-2018-16858 Directory traversal flaw in script execution

Impacts:

ACE

CVE-IDS:

CVE-2018-168587.5Critical