2 matches found
FreeBSD : LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (289269f1-0def-11e8-99b0-d017c2987f9a)
LibreOffice reports : LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL e.g file:// which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can...
LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula
LibreOffice reports: LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL e.g file:// which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can opera...