4 matches found
CVE-2021-25631 denylist of executable filename extensions possible to bypass under windows
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...
CVE-2021-25631
CVE-2021-25631 affects LibreOffice 7-1 (before 7.1.2) and 7-0 (before 7.0.5). The issue allows bypassing the denylist by manipulating a link so it no longer matches the denylist but triggers ShellExecute to launch an executable type, enabling arbitrary code execution under Windows. Affected produ...
KLA12151 ACE vulnerability in LibreOffice
A code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories LibreOffice 7.x vulnerabilities Related products LibreOffice CVE list CVE-2021-25631 critical Solution Upgrade to LibreOffice = 7.0.5 or = 7.1.2...
KLA12032 ACE vulnerability in LibreOffice
A code execution vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories LibreOffice 7.x vulnerabilities Related products LibreOffice CVE list CVE-2021-25631 critical Solution Upgrade to LibreOffice = 7.0.5 or = 7.1.2...