Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2021/05/03 11:10 a.m.30 views

CVE-2021-25631 denylist of executable filename extensions possible to bypass under windows

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

8.8AI score0.0417EPSS
Exploits1References2
CVE
CVE
added 2021/05/03 11:10 a.m.1338 views

CVE-2021-25631

CVE-2021-25631 affects LibreOffice 7-1 (before 7.1.2) and 7-0 (before 7.0.5). The issue allows bypassing the denylist by manipulating a link so it no longer matches the denylist but triggers ShellExecute to launch an executable type, enabling arbitrary code execution under Windows. Affected produ...

9.3CVSS8.6AI score0.0417EPSS
Exploits1References2Affected Software1
Kaspersky
Kaspersky
added 2021/04/15 12:0 a.m.38 views

KLA12151 ACE vulnerability in LibreOffice

A code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories LibreOffice 7.x vulnerabilities Related products LibreOffice CVE list CVE-2021-25631 critical Solution Upgrade to LibreOffice = 7.0.5 or = 7.1.2...

9.3CVSS9.2AI score0.0417EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2021/04/15 12:0 a.m.45 views

KLA12032 ACE vulnerability in LibreOffice

A code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories LibreOffice 7.x vulnerabilities Related products LibreOffice CVE list CVE-2021-25631 critical Solution Upgrade to LibreOffice = 7.0.5 or = 7.1.2...

9.3CVSS9.2AI score0.0417EPSS
Exploits1References3
Rows per page
Query Builder