14 matches found
MiracleLinux 8 : libreoffice-6.4.7.2-10.el8.ML.1 (AXSA:2022-3720:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3720:01 advisory. libreoffice: Content Manipulation with Double Certificate Attack CVE-2021-25633 libreoffice: Timestamp Manipulation with Signature Wrapping...
EUVD-2021-28833
Malicious code in bioql PyPI...
CVE-2021-25635 Content Manipulation with Certificate Validation Attack
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...
CVE-2021-25635
CVE-2021-25635 is a certificate-validation vulnerability in LibreOffice described as a Content Manipulation with Certificate Validation Attack. An attacker could enable self-signed ODF documents, then modify the signature algorithm to an invalid/unknown one; LibreOffice could display the signatur...
CVE-2021-25635
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...
Linux Distros Unpatched Vulnerability : CVE-2021-25635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then...
Oracle Linux 8 : libreoffice (ELSA-2022-1766)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1766 advisory. - Resolves: rhbz2013858 CVE-2021-25633 - Resolves: rhbz2014215 CVE-2021-25634 - Resolves: rhbz2014209 CVE-2021-25635 Tenable has extracted the precedin...
libreoffice security, bug fix, and enhancement update
1:6.4.7.2-10.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-10 - Related: rhbz2029810 bump n-v-r 1:6.4.7.2-9 - Related: rhbz2029810 set NoDisplay=true for .desktop on s390x/aarch...
RLSA-2022:1766 Moderate: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
ALSA-2022:1766 Moderate: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Moderate: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
CVE-2021-25635
A flaw was found in LibreOffice, where it improperly validated signatures for algorithms that were not verified. This flaw leads to LibreOffice presenting a valid signature when the validity of the signature was not verified. The highest threat from this vulnerability is to confidentiality and...
Code injection
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...
Apache OpenOffice -- multiple vulnerabilities.
The Apache Openoffice project reports: Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A careful...