6.5CVSS
6.5AI Score
0.004EPSS
6.5CVSS
6.5AI Score
0.004EPSS
7AI Score
0.004EPSS
LibreOffice and OpenOffice automatically open embedded content Bugs https://bugs.freedesktop.org/show_bug.cgi?id=58295 Notes Author| Note ---|--- jdstrand | seems more like a feature request. LibreOffice prompts the user saying that the document contains links to external data and asks if the...
6.5CVSS
6.2AI Score
0.004EPSS
OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite...
7.8CVSS
7.8AI Score
0.001EPSS
OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite...
7.8CVSS
7.8AI Score
0.001EPSS
Hackers Turn to OpenDocument Format to Avoid AV Detection
Attackers have a new obfuscation technique that uses the OpenDocument file format for sneaking payloads past antivirus software. Past macro-based attacks have relied on malware hitching a ride with .docx, .zip, .jar and many other file formats. But researchers at Cisco Talos said that because...
-0.3AI Score
Open Document format creates twist in maldoc landscape
By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...
-0.2AI Score
KLA12402 SB vulnerability in OpenOffice
Security bypass vulnerability was found in OpenOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2019-9853 Related products OpenOffice.org CVE list CVE-2019-9853 critical Solution Update to the latest version Download OpenOffice Impacts ...
7.8CVSS
8.8AI Score
0.007EPSS
autocorr, libreoffice, libreofficekit security update
CentOS Errata and Security Advisory CESA-2019:2130 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces...
9.8CVSS
8.8AI Score
0.964EPSS
CentOS 7 : libreoffice (CESA-2019:2130)
An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
9.8CVSS
-0.2AI Score
0.964EPSS
-0.1AI Score
0.057EPSS
8.8CVSS
9AI Score
EPSS
8.8CVSS
-0.2AI Score
0.057EPSS
-0.2AI Score
0.057EPSS
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab,...
8.8CVSS
7AI Score
0.057EPSS
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab,...
8.8CVSS
8.7AI Score
0.057EPSS
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab,...
8.8CVSS
8.6AI Score
0.057EPSS
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab,...
8.8CVSS
8.7AI Score
0.057EPSS
An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab,...
8.8AI Score
0.057EPSS
(RHSA-2019:2130) Low: libreoffice security and bug fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
0.4AI Score
0.964EPSS
6.1CVSS
6.7AI Score
0.002EPSS
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.9AI Score
0.07EPSS
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
7.9AI Score
0.07EPSS
Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code Execution
Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code...
0.5AI Score
0.2AI Score
7AI Score
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution Exploit
...
0.4AI Score
[SECURITY] Fedora 28 Update: ckeditor-4.11.2-1.fc28
CKEditor is a text editor to be used inside web pages. It's a WYSIWYG edito r, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common edit ing features found on desktop editing applications like Microsoft.....
6.1CVSS
1.8AI Score
0.002EPSS
[SECURITY] Fedora 29 Update: ckeditor-4.11.2-1.fc29
CKEditor is a text editor to be used inside web pages. It's a WYSIWYG edito r, which means that the text being edited on it looks as similar as possible to the results users have when publishing it. It brings to the web common edit ing features found on desktop editing applications like Microsoft.....
6.1CVSS
1.8AI Score
0.002EPSS
Apache UNO API Remote Code Execution Vulnerability
When Apache OpenOffice and LibreOffice are spawn as an office server, they bind an Apache UNO API that allows for remote code...
0.5AI Score
Apache OpenOffice < 4.1.6 Virtual Table Arithmetic Overflow
The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.6. It is, therefore, affected by an arithmetic overflow flaw related to handling virtual tables. This error could allow code...
7.8CVSS
-0.1AI Score
0.001EPSS
Apache OpenOffice Remote Code Execution Vulnerability (Feb 2019) - Windows
Apache OpenOffice Writer is prone to a remote code execution (RCE)...
9.8CVSS
9.2AI Score
0.964EPSS
Apache OpenOffice Remote Code Execution Vulnerability (Feb 2019) - Mac OS X
Apache OpenOffice Writer is prone to a remote code execution (RCE)...
9.8CVSS
9.2AI Score
0.964EPSS
New critical vulnerability discovered in open-source office suites
A great number of attack techniques these days are using Microsoft Office documents to distribute malware. In recent years, there has been serious development on document exploit kit builders, not to mention the myriad of tricks that red-teamers have come up with to bypass security solutions. In...
9.8CVSS
0.7AI Score
0.964EPSS
Severe RCE Flaw Disclosed in Popular LibreOffice and OpenOffice Software
It's 2019, and just opening an innocent looking office document file on your system can still allow hackers to compromise your computer. No, I'm not talking about yet another vulnerability in Microsoft Office, but in two other most popular alternatives—LibreOffice and Apache OpenOffice—free,...
9.8CVSS
2.1AI Score
0.964EPSS
LibreOffice and Openoffice Remote Code Execution (CVE-2018-16858)
A remote code execution vulnerability has been reported in LibreOffice and Openoffice. The vulnerability is due to insufficient validation of a link reference in a DOT file when processing events in the application. Successful exploitation of this vulnerability could allow a remote attacker to...
9.8CVSS
4.8AI Score
0.964EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.8CVSS
7.6AI Score
0.001EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.8CVSS
7.6AI Score
0.001EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.8CVSS
7.6AI Score
0.001EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.8CVSS
7.7AI Score
0.001EPSS
libreoffice is vulnerable to information disclosure attacks. The vulnerability exists by exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the...
5.5CVSS
5.2AI Score
0.001EPSS
libreoffice is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a...
7AI Score
0.017EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.8CVSS
7.6AI Score
0.001EPSS
KLA12401 DoS vulnerability in OpenOffice
Arithmetic overflow vulnerability was found in OpenOffice. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2018-11790 Related products OpenOffice.org CVE list CVE-2018-11790 critical Solution Update to the latest version Download OpenOffice...
7.8CVSS
7.6AI Score
0.001EPSS
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length...
7.7AI Score
0.001EPSS
Talos Vulnerability Discovery Year in Review - 2018
Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We...
AI Score
(RHSA-2018:3054) Moderate: libreoffice security and bug fix update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
0.7AI Score
0.171EPSS
LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator
Generates a Malicious ODT File which can be used with auxiliary/server/capture/smb or similar to capture...
AI Score
Updated libreoffice packages fix security vulnerabilities
The updated packages fix security vulnerabilities: LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. (CVE-2018-6871) sot/source/sdstor/stgstrms.cxx in LibreOffice...
9.8CVSS
5.7AI Score
0.593EPSS