This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.LIBREOFFICE_CVE-2024-7788.NASLLibreOffice 24.2.x < 24.2.5 / 24.8.0 (CVE-2024-7788)
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
The version of LibreOffice installed on the remote host is prior to 24.2.5 / 24.8.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7788 advisory.
- Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5. (CVE-2024-7788)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
File data libreoffice_CVE-2024-7788.naslRelated
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low