9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.6%
Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed
for command injection when opening spreadsheets. If a user were tricked
into opening a crafted Calc spreadsheet, an attacker could exploit this to
run programs as your login.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | libreoffice-core | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | browser-plugin-libreoffice | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-avmedia-backend-gstreamer | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-base | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-base-core | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-base-drivers | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-calc | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-dbg | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libreoffice-dev | < 1:4.2.6.3-0ubuntu1 | UNKNOWN |