Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36646
HistoryAug 10, 2022 - 11:45 a.m.

Improper Certificate Validation

2022-08-1011:45:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
libreoffice
certificate validation
vulnerability
macro
arbitrary code
software

EPSS

0.002

Percentile

61.4%

libreoffice is vulnerable to an Improper Certificate Validation vulnerability. The vulnerability exists where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificat potentially leading to the user to execute arbitrary code contained in macros improperly trusted.