Lucene search

K
oraclelinuxOracleLinuxELSA-2023-6933
HistoryNov 17, 2023 - 12:00 a.m.

libreoffice security update

2023-11-1700:00:00
linux.oracle.com
12
libreoffice
security update
oracle
america
configuration
rhbz#2210191
rhbz#2210195
rhbz#2208509
cve-2023-0950
cve-2023-2255
cve-2023-1183

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

34.2%

[6.4.7.2-15.0.1]

  • Replace colors with Oracle colors [Orabug: 32120093]
  • Build with --with-vendor=‘Oracle America, Inc.’
  • Added the --with-hamcrest option to configure.
    [1:6.4.7.2-15]
  • Resolves: rhbz#2210191 CVE-2023-0950 Array Index UnderFlow in Calc Formula
    Parsing
  • Resolves: rhbz#2210195 CVE-2023-2255 libreoffice: Remote documents loaded
    without prompt via IFrame
  • Resolves: rhbz#2208509 CVE-2023-1183 libreoffice: Arbitrary File Write
    [1:6.4.7.2-14]
  • Resolves: rhbz#2182390 CVE-2022-38745 Empty entry in Java class path

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

34.2%