vulnerability
CentOS Linux: CVE-2019-9851: Moderate: libreoffice security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Aug 15, 2019 | Apr 1, 2020 | May 25, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Aug 15, 2019
Added
Apr 1, 2020
Modified
May 25, 2023
Description
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.
Solution(s)
centos-upgrade-autocorr-afcentos-upgrade-autocorr-bgcentos-upgrade-autocorr-cacentos-upgrade-autocorr-cscentos-upgrade-autocorr-dacentos-upgrade-autocorr-decentos-upgrade-autocorr-encentos-upgrade-autocorr-escentos-upgrade-autocorr-facentos-upgrade-autocorr-ficentos-upgrade-autocorr-frcentos-upgrade-autocorr-gacentos-upgrade-autocorr-hrcentos-upgrade-autocorr-hucentos-upgrade-autocorr-iscentos-upgrade-autocorr-itcentos-upgrade-autocorr-jacentos-upgrade-autocorr-kocentos-upgrade-autocorr-lbcentos-upgrade-autocorr-ltcentos-upgrade-autocorr-mncentos-upgrade-autocorr-nlcentos-upgrade-autocorr-plcentos-upgrade-autocorr-ptcentos-upgrade-autocorr-rocentos-upgrade-autocorr-rucentos-upgrade-autocorr-skcentos-upgrade-autocorr-slcentos-upgrade-autocorr-srcentos-upgrade-autocorr-svcentos-upgrade-autocorr-trcentos-upgrade-autocorr-vicentos-upgrade-autocorr-zhcentos-upgrade-libreofficecentos-upgrade-libreoffice-basecentos-upgrade-libreoffice-base-debuginfocentos-upgrade-libreoffice-bshcentos-upgrade-libreoffice-calccentos-upgrade-libreoffice-calc-debuginfocentos-upgrade-libreoffice-corecentos-upgrade-libreoffice-core-debuginfocentos-upgrade-libreoffice-datacentos-upgrade-libreoffice-debuginfocentos-upgrade-libreoffice-debugsourcecentos-upgrade-libreoffice-drawcentos-upgrade-libreoffice-emailmergecentos-upgrade-libreoffice-filterscentos-upgrade-libreoffice-gdb-debug-supportcentos-upgrade-libreoffice-gladecentos-upgrade-libreoffice-glade-debuginfocentos-upgrade-libreoffice-graphicfiltercentos-upgrade-libreoffice-graphicfilter-debuginfocentos-upgrade-libreoffice-gtk2centos-upgrade-libreoffice-gtk2-debuginfocentos-upgrade-libreoffice-gtk3centos-upgrade-libreoffice-gtk3-debuginfocentos-upgrade-libreoffice-help-arcentos-upgrade-libreoffice-help-bgcentos-upgrade-libreoffice-help-bncentos-upgrade-libreoffice-help-cacentos-upgrade-libreoffice-help-cscentos-upgrade-libreoffice-help-dacentos-upgrade-libreoffice-help-decentos-upgrade-libreoffice-help-dzcentos-upgrade-libreoffice-help-elcentos-upgrade-libreoffice-help-encentos-upgrade-libreoffice-help-escentos-upgrade-libreoffice-help-etcentos-upgrade-libreoffice-help-eucentos-upgrade-libreoffice-help-ficentos-upgrade-libreoffice-help-frcentos-upgrade-libreoffice-help-glcentos-upgrade-libreoffice-help-gucentos-upgrade-libreoffice-help-hecentos-upgrade-libreoffice-help-hicentos-upgrade-libreoffice-help-hrcentos-upgrade-libreoffice-help-hucentos-upgrade-libreoffice-help-idcentos-upgrade-libreoffice-help-itcentos-upgrade-libreoffice-help-jacentos-upgrade-libreoffice-help-kocentos-upgrade-libreoffice-help-ltcentos-upgrade-libreoffice-help-lvcentos-upgrade-libreoffice-help-nbcentos-upgrade-libreoffice-help-nlcentos-upgrade-libreoffice-help-nncentos-upgrade-libreoffice-help-plcentos-upgrade-libreoffice-help-pt-brcentos-upgrade-libreoffice-help-pt-ptcentos-upgrade-libreoffice-help-rocentos-upgrade-libreoffice-help-rucentos-upgrade-libreoffice-help-sicentos-upgrade-libreoffice-help-skcentos-upgrade-libreoffice-help-slcentos-upgrade-libreoffice-help-svcentos-upgrade-libreoffice-help-tacentos-upgrade-libreoffice-help-trcentos-upgrade-libreoffice-help-ukcentos-upgrade-libreoffice-help-zh-hanscentos-upgrade-libreoffice-help-zh-hantcentos-upgrade-libreoffice-impresscentos-upgrade-libreoffice-impress-debuginfocentos-upgrade-libreoffice-langpack-afcentos-upgrade-libreoffice-langpack-arcentos-upgrade-libreoffice-langpack-ascentos-upgrade-libreoffice-langpack-bgcentos-upgrade-libreoffice-langpack-bncentos-upgrade-libreoffice-langpack-brcentos-upgrade-libreoffice-langpack-cacentos-upgrade-libreoffice-langpack-cscentos-upgrade-libreoffice-langpack-cycentos-upgrade-libreoffice-langpack-dacentos-upgrade-libreoffice-langpack-decentos-upgrade-libreoffice-langpack-dzcentos-upgrade-libreoffice-langpack-elcentos-upgrade-libreoffice-langpack-encentos-upgrade-libreoffice-langpack-escentos-upgrade-libreoffice-langpack-etcentos-upgrade-libreoffice-langpack-eucentos-upgrade-libreoffice-langpack-facentos-upgrade-libreoffice-langpack-ficentos-upgrade-libreoffice-langpack-frcentos-upgrade-libreoffice-langpack-gacentos-upgrade-libreoffice-langpack-glcentos-upgrade-libreoffice-langpack-gucentos-upgrade-libreoffice-langpack-hecentos-upgrade-libreoffice-langpack-hicentos-upgrade-libreoffice-langpack-hrcentos-upgrade-libreoffice-langpack-hucentos-upgrade-libreoffice-langpack-idcentos-upgrade-libreoffice-langpack-itcentos-upgrade-libreoffice-langpack-jacentos-upgrade-libreoffice-langpack-kkcentos-upgrade-libreoffice-langpack-kncentos-upgrade-libreoffice-langpack-kocentos-upgrade-libreoffice-langpack-ltcentos-upgrade-libreoffice-langpack-lvcentos-upgrade-libreoffice-langpack-maicentos-upgrade-libreoffice-langpack-mlcentos-upgrade-libreoffice-langpack-mrcentos-upgrade-libreoffice-langpack-nbcentos-upgrade-libreoffice-langpack-nlcentos-upgrade-libreoffice-langpack-nncentos-upgrade-libreoffice-langpack-nrcentos-upgrade-libreoffice-langpack-nsocentos-upgrade-libreoffice-langpack-orcentos-upgrade-libreoffice-langpack-pacentos-upgrade-libreoffice-langpack-plcentos-upgrade-libreoffice-langpack-pt-brcentos-upgrade-libreoffice-langpack-pt-ptcentos-upgrade-libreoffice-langpack-rocentos-upgrade-libreoffice-langpack-rucentos-upgrade-libreoffice-langpack-sicentos-upgrade-libreoffice-langpack-skcentos-upgrade-libreoffice-langpack-slcentos-upgrade-libreoffice-langpack-srcentos-upgrade-libreoffice-langpack-sscentos-upgrade-libreoffice-langpack-stcentos-upgrade-libreoffice-langpack-svcentos-upgrade-libreoffice-langpack-tacentos-upgrade-libreoffice-langpack-tecentos-upgrade-libreoffice-langpack-thcentos-upgrade-libreoffice-langpack-tncentos-upgrade-libreoffice-langpack-trcentos-upgrade-libreoffice-langpack-tscentos-upgrade-libreoffice-langpack-ukcentos-upgrade-libreoffice-langpack-vecentos-upgrade-libreoffice-langpack-xhcentos-upgrade-libreoffice-langpack-zh-hanscentos-upgrade-libreoffice-langpack-zh-hantcentos-upgrade-libreoffice-langpack-zucentos-upgrade-libreoffice-librelogocentos-upgrade-libreoffice-mathcentos-upgrade-libreoffice-math-debuginfocentos-upgrade-libreoffice-nlpsolvercentos-upgrade-libreoffice-officebeancentos-upgrade-libreoffice-officebean-commoncentos-upgrade-libreoffice-officebean-debuginfocentos-upgrade-libreoffice-ogltranscentos-upgrade-libreoffice-ogltrans-debuginfocentos-upgrade-libreoffice-opensymbol-fontscentos-upgrade-libreoffice-pdfimportcentos-upgrade-libreoffice-pdfimport-debuginfocentos-upgrade-libreoffice-postgresqlcentos-upgrade-libreoffice-postgresql-debuginfocentos-upgrade-libreoffice-pyunocentos-upgrade-libreoffice-pyuno-debuginfocentos-upgrade-libreoffice-rhinocentos-upgrade-libreoffice-sdkcentos-upgrade-libreoffice-sdk-debuginfocentos-upgrade-libreoffice-sdk-doccentos-upgrade-libreoffice-urecentos-upgrade-libreoffice-ure-commoncentos-upgrade-libreoffice-ure-debuginfocentos-upgrade-libreoffice-wiki-publishercentos-upgrade-libreoffice-writercentos-upgrade-libreoffice-writer-debuginfocentos-upgrade-libreoffice-x11centos-upgrade-libreoffice-x11-debuginfocentos-upgrade-libreoffice-xsltfiltercentos-upgrade-libreofficekitcentos-upgrade-libreofficekit-debuginfocentos-upgrade-libreofficekit-devel
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.