21 matches found
MiracleLinux 8 : libreoffice-6.4.7.2-12.el8.ML.1 (AXSA:2023-4806:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4806:01 advisory. libreoffice: Macro URL arbitrary script execution CVE-2022-3140 libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation...
Linux Distros Unpatched Vulnerability : CVE-2022-26305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching th...
RHEL 8 : libreoffice (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Weak Master Keys CVE-2022-26307 - An Improper Certificate Validation vulnerability in...
CentOS 8 : libreoffice (CESA-2023:0089)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory. - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation CVE-2022-26305 - libreoffice: Static Initialization Vector Allows t...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
ALSA-2023:0304 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
libreoffice security update
6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...
ALSA-2023:0089 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
SUSE: Security Advisory (SUSE-SU-2022:3650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5661-1: LibreOffice vulnerabilities
It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. CVE-2022-26305 It was discovered that Libreoffice incorrectly handled encryptin...
CVE-2022-26305
An Improper Certificate Validation vulnerability was found in LibreOffice, where determining if a trusted author signed a macro was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro...
Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.2 Improper Certificate Validation Vulnerability (Jul 2022) - Linux
Libre Office is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
LibreOffice 7.2.x < 7.2.7, 7.3.x < 7.3.2 Improper Certificate Validation Vulnerability (Jul 2022) - Windows
LibreOffice is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Mac OS X
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Linux
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
CVE-2022-26305
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the...
KLA12593 Multiple vulnerabilities in LibreOffice
Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security vulnerability can be exploited to bypass security restrictions. 2. Remote code...
CVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate Validation
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the...
CVE-2022-26305
The vulnerability CVE-2022-26305 affects The Document Foundation LibreOffice, where macro signing verification was weakened by validating a certificate only via serial number and issuer string, not the actual signature. This could allow an attacker to craft a certificate that matches a trusted au...