Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2020-12803
HistoryJun 08, 2020 - 12:00 a.m.

CVE-2020-12803

2020-06-0800:00:00
ubuntu.com
ubuntu.com
9

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.9%

JSON

ODF documents can contain forms to be filled out by the user. Similar to
HTML forms, the contained form data can be submitted to a URI, for example,
to an external web server. To create submittable forms, ODF implements the
XForms W3C standard, which allows data to be submitted without the need for
macros or other active scripting Prior to version 6.4.4 LibreOffice allowed
forms to be submitted to any URI, including file: URIs, enabling form
submissions to overwrite local files. User-interaction is required to
submit the form, but to avoid the possibility of malicious documents
engineered to maximize the possibility of inadvertent user submission this
feature has now been limited to http[s] URIs, removing the possibility to
overwrite local files. This issue affects: The Document Foundation
LibreOffice versions prior to 6.4.4.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlibreoffice< 1:6.0.7-0ubuntu0.18.04.12UNKNOWN
ubuntu20.04noarchlibreoffice< 1:6.4.7-0ubuntu0.20.04.1UNKNOWN
ubuntu20.10noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN
ubuntu21.04noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN
ubuntu21.10noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN
ubuntu22.04noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN
ubuntu22.10noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN
ubuntu23.04noarchlibreoffice< 1:6.4.4-0ubuntu1UNKNOWN

Related

veracode 2
redhatcve 1
kaspersky 1
debiancve 1
osv 5
prion 1
cve 1
alpinelinux 1
nessus 11
openvas 9
suse 2
fedora 1
redhat 1
rocky 1
freebsd 1
oraclelinux 1
almalinux 1
debian 1
ubuntu 1
veracode
veracode
Arbitrary File Overwrite
2020-11-05 03:18:59
Information Disclosure
2020-11-05 03:18:59
redhatcve
redhatcve
CVE-2020-12803
2020-06-18 08:28:51
kaspersky
kaspersky
KLA11804 XForms vulnerability in LibreOffice
2020-06-09 00:00:00
debiancve
debiancve
CVE-2020-12803
2020-06-08 16:15:00
osv
osv
CVE-2020-12803
2020-06-08 16:15:10
Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
prion
prion
Deserialization of untrusted data
2020-06-08 16:15:00
cve
cve
CVE-2020-12803
2020-06-08 16:15:00
alpinelinux
alpinelinux
CVE-2020-12803
2020-06-08 16:15:00
nessus
nessus
Oracle Linux 8 : libreoffice (ELSA-2020-4628)
2020-11-12 00:00:00
openSUSE Security Update : libreoffice (openSUSE-2020-1261)
2020-08-27 00:00:00
Fedora 31 : 1:libreoffice (2020-8922773bc4)
2020-06-29 00:00:00
openvas
openvas
Fedora: Security Advisory for libreoffice (FEDORA-2020-8922773bc4)
2020-07-02 00:00:00
Libre Office Multiple Vulnerabilities (Jun 2020) - Mac OS X
2020-08-03 00:00:00
Huawei EulerOS: Security Advisory for libreoffice (EulerOS-SA-2021-1687)
2021-03-24 00:00:00
suse
suse
Security update for libreoffice (moderate)
2020-08-16 00:00:00
Security update for libreoffice (moderate)
2020-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libreoffice-6.3.6.2-4.fc31
2020-06-27 03:08:06
redhat
redhat
(RHSA-2020:4628) Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
rocky
rocky
libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
freebsd
freebsd
LibreOffice Security Advisory
2020-06-08 00:00:00
oraclelinux
oraclelinux
libreoffice security, bug fix, and enhancement update
2020-11-10 00:00:00
almalinux
almalinux
Low: libreoffice security, bug fix, and enhancement update
2020-11-03 12:21:42
debian
debian
[SECURITY] [DLA 3703-1] libreoffice security update
2023-12-31 09:28:21
ubuntu
ubuntu
LibreOffice vulnerabilities
2022-10-20 00:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.9%

JSON
Related for UB:CVE-2020-12803
veracode2redhatcve1kaspersky1debiancve1osv5prion1cve1alpinelinux1nessus11openvas9suse2fedora1redhat1rocky1freebsd1oraclelinux1almalinux1debian1ubuntu1