EUVD-2019-19208

Malware in sbrugna...

RHEL 6 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: LibreLogo global-event script execution CVE-2019-9851 - A vulnerability in OpenOffice's PPT...

Oracle Linux 7 : libreoffice (ELSA-2019-2130)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2130 advisory. 1:5.3.6.1-21.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America...

CVE-2020-16858 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability

...

CVE-2020-16858

CVE-2020-16858 is a cross-site scripting vulnerability in Microsoft Dynamics 365 (on-premises). The issue arises when Dynamics Server does not properly sanitize a specially crafted web request, allowing an authenticated attacker to execute script in the user’s browser and access or modify data wi...

KLA11953 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 On-Premise can be...

Huawei EulerOS: Security Advisory for libreoffice (EulerOS-SA-2019-2082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libreoffice (EulerOS-SA-2019-1976)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : libreoffice (EulerOS-SA-2019-2082)

According to the versions of the libreoffice packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning CVE-2018-16858 - LibreOffice...

EulerOS 2.0 SP5 : libreoffice (EulerOS-SA-2019-1976)

According to the versions of the libreoffice packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning CVE-2018-16858 - LibreOffice...

autocorr, libreoffice, libreofficekit security update

CentOS Errata and Security Advisory CESA-2019:2130 An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20190806)

Security Fixes : - libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning CVE-2018-16858 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128233; scriptversion"1.4";...

Debian: Security Advisory (DSA-4501-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4501-1 : libreoffice - security update

It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4501. The text itself is copyright C Software in the Public...

openSUSE: Security Advisory for LibreOffice (openSUSE-SU-2019:1929-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again

If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is...

Directory traversal

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice...

libreoffice security and bug fix update

1:5.3.6.1-21.0.1 - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-21 - Resolves: rhbz1066844 drop libreofficekit requires 1:5.3.6.1-20 - Resolves: rhbz1672003 CVE-2018-16858...

RHEL 7 : libreoffice (RHSA-2019:2130)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2130 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

Low: Red Hat Security Advisory: libreoffice security and bug fix update

An update for libreoffice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...