51 matches found
The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.
The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted request...
The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.
The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in calculating path equivalence. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using a specially crafted file...
The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.
The vulnerability of the LibreLogo software module of the LibreOffice office suite exists due to the presence of mechanisms within LibreLogo that execute programming algorithms in Python when the cursor is placed over a malicious object. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.
The vulnerability of the LibreLogo software module in the LibreOffice office software package arises from errors in URL processing. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code on the target system using a specially crafted file...
The vulnerability of the LibreLogo software module of the LibreOffice office software package allows a hacker to execute arbitrary code on the target system.
The vulnerability of the LibreLogo software module in the LibreOffice office software package stems from errors in URL processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system using a specially crafted file...
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
Fedora 29 : 1:libreoffice (2019-2fe22a3a2c)
CVE-2019-9850 Insufficient url validation allowing LibreLogo script execution - CVE-2019-9851 LibreLogo global-event script execution - CVE-2019-9852 Insufficient URL encoding flaw in allowed script location check ---- - CVE-2019-9848 LibreLogo arbitrary script execution - CVE-2019-9849 remote...
LibreOffice Macro Python Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled with sample macros written in Python and allows the abilit...
USN-4102-1 libreoffice vulnerabilities
It was discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. CVE-2019-9850, CVE-2019-9851 It was discovered that LibreOffice incorrectly handled...
Patches for 2 Severe LibreOffice Flaws Bypassed — Update to Patch Again
If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is...
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...
CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
DEBIAN-CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
CVE-2019-9851 LibreLogo global-event script execution
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...
CVE-2019-9850 Insufficient url validation allowing LibreLogo script execution
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
KLA11542 Multiple vulnerabilities in LibreOffice
Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A directory traversal vulnerability can be exploited to bypass security restrictions; 2...
UBUNTU-CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...
UBUNTU-CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on...
PT-2019-3160 · Document Foundation +5 · Libreoffice +5
Name of the Vulnerable Software and Affected Versions: Document Foundation LibreOffice versions prior to 6.2.6 Description: The issue is related to the handling of URLs in LibreOffice, specifically with the LibreLogo module. It allows a remote attacker to execute arbitrary code on the target syst...
LibreOffice < 6.2.5 Multiple Vulnerabilities (macOS)
The version of LibreOffice installed on the remote macOS host is prior to 6.2.5. It is, therefore, affected by multiple vulnerabilities : - An arbitrary script execution vulnerability exists due to a flaw allowing event-based execution of python scripts within a document. Note, LibreLogo must be...