Kaspersky LabKLA50365KLA50365 ACE vulnerability in LibreOffice
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
6.1 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
0.0005 Low
EPSS
Percentile
14.6%
Detect date:
06/19/2023
Severity:
Warning
Description:
Improper Input Validation vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code.
Affected products:
LibreOffice earlier than 7.4.6
LibreOffice 7.5.x earlier than 7.5.1
Solution:
Update to the latest version
Download LibreOffice
Original advisories:
Arbitrary File Write in hsqldb 1.8.0
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2023-11835.5High
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
6.1 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
0.0005 Low
EPSS
Percentile
14.6%