vulnerability
CentOS Linux: CVE-2019-9853: Moderate: libreoffice security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Sep 27, 2019 | Apr 1, 2020 | May 25, 2023 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Sep 27, 2019
Added
Apr 1, 2020
Modified
May 25, 2023
Description
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
Solution(s)
centos-upgrade-autocorr-afcentos-upgrade-autocorr-bgcentos-upgrade-autocorr-cacentos-upgrade-autocorr-cscentos-upgrade-autocorr-dacentos-upgrade-autocorr-decentos-upgrade-autocorr-encentos-upgrade-autocorr-escentos-upgrade-autocorr-facentos-upgrade-autocorr-ficentos-upgrade-autocorr-frcentos-upgrade-autocorr-gacentos-upgrade-autocorr-hrcentos-upgrade-autocorr-hucentos-upgrade-autocorr-iscentos-upgrade-autocorr-itcentos-upgrade-autocorr-jacentos-upgrade-autocorr-kocentos-upgrade-autocorr-lbcentos-upgrade-autocorr-ltcentos-upgrade-autocorr-mncentos-upgrade-autocorr-nlcentos-upgrade-autocorr-plcentos-upgrade-autocorr-ptcentos-upgrade-autocorr-rocentos-upgrade-autocorr-rucentos-upgrade-autocorr-skcentos-upgrade-autocorr-slcentos-upgrade-autocorr-srcentos-upgrade-autocorr-svcentos-upgrade-autocorr-trcentos-upgrade-autocorr-vicentos-upgrade-autocorr-zhcentos-upgrade-libreofficecentos-upgrade-libreoffice-basecentos-upgrade-libreoffice-base-debuginfocentos-upgrade-libreoffice-bshcentos-upgrade-libreoffice-calccentos-upgrade-libreoffice-calc-debuginfocentos-upgrade-libreoffice-corecentos-upgrade-libreoffice-core-debuginfocentos-upgrade-libreoffice-datacentos-upgrade-libreoffice-debuginfocentos-upgrade-libreoffice-debugsourcecentos-upgrade-libreoffice-drawcentos-upgrade-libreoffice-emailmergecentos-upgrade-libreoffice-filterscentos-upgrade-libreoffice-gdb-debug-supportcentos-upgrade-libreoffice-gladecentos-upgrade-libreoffice-glade-debuginfocentos-upgrade-libreoffice-graphicfiltercentos-upgrade-libreoffice-graphicfilter-debuginfocentos-upgrade-libreoffice-gtk2centos-upgrade-libreoffice-gtk2-debuginfocentos-upgrade-libreoffice-gtk3centos-upgrade-libreoffice-gtk3-debuginfocentos-upgrade-libreoffice-help-arcentos-upgrade-libreoffice-help-bgcentos-upgrade-libreoffice-help-bncentos-upgrade-libreoffice-help-cacentos-upgrade-libreoffice-help-cscentos-upgrade-libreoffice-help-dacentos-upgrade-libreoffice-help-decentos-upgrade-libreoffice-help-dzcentos-upgrade-libreoffice-help-elcentos-upgrade-libreoffice-help-encentos-upgrade-libreoffice-help-escentos-upgrade-libreoffice-help-etcentos-upgrade-libreoffice-help-eucentos-upgrade-libreoffice-help-ficentos-upgrade-libreoffice-help-frcentos-upgrade-libreoffice-help-glcentos-upgrade-libreoffice-help-gucentos-upgrade-libreoffice-help-hecentos-upgrade-libreoffice-help-hicentos-upgrade-libreoffice-help-hrcentos-upgrade-libreoffice-help-hucentos-upgrade-libreoffice-help-idcentos-upgrade-libreoffice-help-itcentos-upgrade-libreoffice-help-jacentos-upgrade-libreoffice-help-kocentos-upgrade-libreoffice-help-ltcentos-upgrade-libreoffice-help-lvcentos-upgrade-libreoffice-help-nbcentos-upgrade-libreoffice-help-nlcentos-upgrade-libreoffice-help-nncentos-upgrade-libreoffice-help-plcentos-upgrade-libreoffice-help-pt-brcentos-upgrade-libreoffice-help-pt-ptcentos-upgrade-libreoffice-help-rocentos-upgrade-libreoffice-help-rucentos-upgrade-libreoffice-help-sicentos-upgrade-libreoffice-help-skcentos-upgrade-libreoffice-help-slcentos-upgrade-libreoffice-help-svcentos-upgrade-libreoffice-help-tacentos-upgrade-libreoffice-help-trcentos-upgrade-libreoffice-help-ukcentos-upgrade-libreoffice-help-zh-hanscentos-upgrade-libreoffice-help-zh-hantcentos-upgrade-libreoffice-impresscentos-upgrade-libreoffice-impress-debuginfocentos-upgrade-libreoffice-langpack-afcentos-upgrade-libreoffice-langpack-arcentos-upgrade-libreoffice-langpack-ascentos-upgrade-libreoffice-langpack-bgcentos-upgrade-libreoffice-langpack-bncentos-upgrade-libreoffice-langpack-brcentos-upgrade-libreoffice-langpack-cacentos-upgrade-libreoffice-langpack-cscentos-upgrade-libreoffice-langpack-cycentos-upgrade-libreoffice-langpack-dacentos-upgrade-libreoffice-langpack-decentos-upgrade-libreoffice-langpack-dzcentos-upgrade-libreoffice-langpack-elcentos-upgrade-libreoffice-langpack-encentos-upgrade-libreoffice-langpack-escentos-upgrade-libreoffice-langpack-etcentos-upgrade-libreoffice-langpack-eucentos-upgrade-libreoffice-langpack-facentos-upgrade-libreoffice-langpack-ficentos-upgrade-libreoffice-langpack-frcentos-upgrade-libreoffice-langpack-gacentos-upgrade-libreoffice-langpack-glcentos-upgrade-libreoffice-langpack-gucentos-upgrade-libreoffice-langpack-hecentos-upgrade-libreoffice-langpack-hicentos-upgrade-libreoffice-langpack-hrcentos-upgrade-libreoffice-langpack-hucentos-upgrade-libreoffice-langpack-idcentos-upgrade-libreoffice-langpack-itcentos-upgrade-libreoffice-langpack-jacentos-upgrade-libreoffice-langpack-kkcentos-upgrade-libreoffice-langpack-kncentos-upgrade-libreoffice-langpack-kocentos-upgrade-libreoffice-langpack-ltcentos-upgrade-libreoffice-langpack-lvcentos-upgrade-libreoffice-langpack-maicentos-upgrade-libreoffice-langpack-mlcentos-upgrade-libreoffice-langpack-mrcentos-upgrade-libreoffice-langpack-nbcentos-upgrade-libreoffice-langpack-nlcentos-upgrade-libreoffice-langpack-nncentos-upgrade-libreoffice-langpack-nrcentos-upgrade-libreoffice-langpack-nsocentos-upgrade-libreoffice-langpack-orcentos-upgrade-libreoffice-langpack-pacentos-upgrade-libreoffice-langpack-plcentos-upgrade-libreoffice-langpack-pt-brcentos-upgrade-libreoffice-langpack-pt-ptcentos-upgrade-libreoffice-langpack-rocentos-upgrade-libreoffice-langpack-rucentos-upgrade-libreoffice-langpack-sicentos-upgrade-libreoffice-langpack-skcentos-upgrade-libreoffice-langpack-slcentos-upgrade-libreoffice-langpack-srcentos-upgrade-libreoffice-langpack-sscentos-upgrade-libreoffice-langpack-stcentos-upgrade-libreoffice-langpack-svcentos-upgrade-libreoffice-langpack-tacentos-upgrade-libreoffice-langpack-tecentos-upgrade-libreoffice-langpack-thcentos-upgrade-libreoffice-langpack-tncentos-upgrade-libreoffice-langpack-trcentos-upgrade-libreoffice-langpack-tscentos-upgrade-libreoffice-langpack-ukcentos-upgrade-libreoffice-langpack-vecentos-upgrade-libreoffice-langpack-xhcentos-upgrade-libreoffice-langpack-zh-hanscentos-upgrade-libreoffice-langpack-zh-hantcentos-upgrade-libreoffice-langpack-zucentos-upgrade-libreoffice-librelogocentos-upgrade-libreoffice-mathcentos-upgrade-libreoffice-math-debuginfocentos-upgrade-libreoffice-nlpsolvercentos-upgrade-libreoffice-officebeancentos-upgrade-libreoffice-officebean-commoncentos-upgrade-libreoffice-officebean-debuginfocentos-upgrade-libreoffice-ogltranscentos-upgrade-libreoffice-ogltrans-debuginfocentos-upgrade-libreoffice-opensymbol-fontscentos-upgrade-libreoffice-pdfimportcentos-upgrade-libreoffice-pdfimport-debuginfocentos-upgrade-libreoffice-postgresqlcentos-upgrade-libreoffice-postgresql-debuginfocentos-upgrade-libreoffice-pyunocentos-upgrade-libreoffice-pyuno-debuginfocentos-upgrade-libreoffice-rhinocentos-upgrade-libreoffice-sdkcentos-upgrade-libreoffice-sdk-debuginfocentos-upgrade-libreoffice-sdk-doccentos-upgrade-libreoffice-urecentos-upgrade-libreoffice-ure-commoncentos-upgrade-libreoffice-ure-debuginfocentos-upgrade-libreoffice-wiki-publishercentos-upgrade-libreoffice-writercentos-upgrade-libreoffice-writer-debuginfocentos-upgrade-libreoffice-x11centos-upgrade-libreoffice-x11-debuginfocentos-upgrade-libreoffice-xsltfiltercentos-upgrade-libreofficekitcentos-upgrade-libreofficekit-debuginfocentos-upgrade-libreofficekit-devel
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.