Lucene search
+L

51 matches found

BDU FSTEC
BDU FSTEC
added 2019/09/19 12:0 a.m.4 views

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted request...

10CVSS6AI score0.0193EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/09/19 12:0 a.m.7 views

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in calculating path equivalence. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using a specially crafted file...

10CVSS6AI score0.02646EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/09/13 12:0 a.m.5 views

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module of the LibreOffice office suite exists due to the presence of mechanisms within LibreLogo that execute programming algorithms in Python when the cursor is placed over a malicious object. Exploiting this vulnerability allows a remote attacker to...

9.3CVSS6.1AI score0.78347EPSS
Exploits4References9Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/09/13 12:0 a.m.5 views

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package arises from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted file...

9.3CVSS6AI score0.0337EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2019/09/13 12:0 a.m.5 views

The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.

The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using a specially crafted file...

9.3CVSS6AI score0.01925EPSS
Exploits0References11Affected Software7
AlpineLinux
AlpineLinux
added 2019/09/06 6:40 p.m.71 views

CVE-2019-9855

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.8CVSS9.6AI score0.02646EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/26 12:0 a.m.49 views

Fedora 29 : 1:libreoffice (2019-2fe22a3a2c)

CVE-2019-9850 Insufficient url validation allowing LibreLogo script execution - CVE-2019-9851 LibreLogo global-event script execution - CVE-2019-9852 Insufficient URL encoding flaw in allowed script location check ---- - CVE-2019-9848 LibreLogo arbitrary script execution - CVE-2019-9849 remote...

9.8CVSS7.6AI score0.78347EPSS
Exploits5References6
Packet Storm
Packet Storm
added 2019/08/20 12:0 a.m.267 views

LibreOffice Macro Python Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled with sample macros written in Python and allows the abilit...

7.5CVSS0.2AI score0.78347EPSS
Exploits11
OSV
OSV
added 2019/08/19 11:50 a.m.3 views

USN-4102-1 libreoffice vulnerabilities

It was discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. CVE-2019-9850, CVE-2019-9851 It was discovered that LibreOffice incorrectly handled...

9.8CVSS7.1AI score0.78347EPSS
Exploits5References4
The Hacker News
The Hacker News
added 2019/08/16 9:19 a.m.2 views

Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again

If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is...

9.8CVSS8.2AI score0.78347EPSS
Exploits11
NVD
NVD
added 2019/08/15 10:15 p.m.23 views

CVE-2019-9851

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...

9.8CVSS9.7AI score0.78347EPSS
Exploits4References9
OSV
OSV
added 2019/08/15 10:15 p.m.19 views

CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.8CVSS9.7AI score0.0337EPSS
Exploits0References9
OSV
OSV
added 2019/08/15 10:15 p.m.1 views

DEBIAN-CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.8CVSS7.2AI score0.0337EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/15 9:35 p.m.24 views

CVE-2019-9851 LibreLogo global-event script execution

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...

9.8AI score0.78347EPSS
Exploits4References9
Cvelist
Cvelist
added 2019/08/15 9:30 p.m.28 views

CVE-2019-9850 Insufficient url validation allowing LibreLogo script execution

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.9AI score0.0337EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2019/08/15 12:0 a.m.65 views

KLA11542 Multiple vulnerabilities in LibreOffice

Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A directory traversal vulnerability can be exploited to bypass security restrictions; 2...

9.8CVSS9.9AI score0.78347EPSS
Exploits4References5
OSV
OSV
added 2019/08/15 12:0 a.m.8 views

UBUNTU-CVE-2019-9851

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...

9.8CVSS7.3AI score0.78347EPSS
Exploits4References6
OSV
OSV
added 2019/08/15 12:0 a.m.8 views

UBUNTU-CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...

9.8CVSS7.4AI score0.0337EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/08/06 12:0 a.m.3 views

PT-2019-3160 · Document Foundation +5 · Libreoffice +5

Name of the Vulnerable Software and Affected Versions: Document Foundation LibreOffice versions prior to 6.2.6 Description: The issue is related to the handling of URLs in LibreOffice, specifically with the LibreLogo module. It allows a remote attacker to execute arbitrary code on the target syst...

9.8CVSS8.4AI score0.78347EPSS
Exploits12References126
Tenable Nessus
Tenable Nessus
added 2019/08/05 12:0 a.m.46 views

LibreOffice < 6.2.5 Multiple Vulnerabilities (macOS)

The version of LibreOffice installed on the remote macOS host is prior to 6.2.5. It is, therefore, affected by multiple vulnerabilities : - An arbitrary script execution vulnerability exists due to a flaw allowing event-based execution of python scripts within a document. Note, LibreLogo must be...

9.8CVSS7.8AI score0.31215EPSS
Exploits5References4
Rows per page
Query Builder