Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-25636
HistoryFeb 24, 2022 - 12:00 a.m.

CVE-2021-25636

2022-02-2400:00:00
ubuntu.com
ubuntu.com
16

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

38.9%

LibreOffice supports digital signatures of ODF documents and macros within
documents, presenting visual aids that no alteration of the document
occurred since the last signing and that the signature is valid. An
Improper Certificate Validation vulnerability in LibreOffice allowed an
attacker to create a digitally signed ODF document, by manipulating the
documentsignatures.xml or macrosignatures.xml stream within the document to
contain both “X509Data” and “KeyValue” children of the “KeyInfo” tag, which
when opened caused LibreOffice to verify using the “KeyValue” but to report
verification with the unrelated “X509Data” value. This issue affects: The
Document Foundation LibreOffice 7.2 versions prior to 7.2.5.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlibreoffice< 1:6.0.7-0ubuntu0.18.04.11UNKNOWN
ubuntu20.04noarchlibreoffice< 1:6.4.7-0ubuntu0.20.04.4UNKNOWN
ubuntu21.10noarchlibreoffice< 1:7.2.5-0ubuntu0.21.10.3UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

38.9%