Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2018-16858: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

SUSE: CVE-2018-16858: SUSE Linux Security Advisory

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
02/02/2019
Created
06/11/2019
Added
06/07/2019
Modified
02/04/2022

Description

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

Solution(s)

  • suse-upgrade-libixion-0_14-0
  • suse-upgrade-libixion-devel
  • suse-upgrade-libixion-tools
  • suse-upgrade-liborcus-0_14-0
  • suse-upgrade-liborcus-devel
  • suse-upgrade-liborcus-tools
  • suse-upgrade-libreoffice
  • suse-upgrade-libreoffice-base
  • suse-upgrade-libreoffice-base-drivers-firebird
  • suse-upgrade-libreoffice-base-drivers-postgresql
  • suse-upgrade-libreoffice-branding-upstream
  • suse-upgrade-libreoffice-calc
  • suse-upgrade-libreoffice-calc-extensions
  • suse-upgrade-libreoffice-draw
  • suse-upgrade-libreoffice-filters-optional
  • suse-upgrade-libreoffice-gdb-pretty-printers
  • suse-upgrade-libreoffice-glade
  • suse-upgrade-libreoffice-gnome
  • suse-upgrade-libreoffice-gtk2
  • suse-upgrade-libreoffice-gtk3
  • suse-upgrade-libreoffice-icon-themes
  • suse-upgrade-libreoffice-impress
  • suse-upgrade-libreoffice-l10n-af
  • suse-upgrade-libreoffice-l10n-am
  • suse-upgrade-libreoffice-l10n-ar
  • suse-upgrade-libreoffice-l10n-as
  • suse-upgrade-libreoffice-l10n-ast
  • suse-upgrade-libreoffice-l10n-be
  • suse-upgrade-libreoffice-l10n-bg
  • suse-upgrade-libreoffice-l10n-bn
  • suse-upgrade-libreoffice-l10n-bn_in
  • suse-upgrade-libreoffice-l10n-bo
  • suse-upgrade-libreoffice-l10n-br
  • suse-upgrade-libreoffice-l10n-brx
  • suse-upgrade-libreoffice-l10n-bs
  • suse-upgrade-libreoffice-l10n-ca
  • suse-upgrade-libreoffice-l10n-ca_valencia
  • suse-upgrade-libreoffice-l10n-ckb
  • suse-upgrade-libreoffice-l10n-cs
  • suse-upgrade-libreoffice-l10n-cy
  • suse-upgrade-libreoffice-l10n-da
  • suse-upgrade-libreoffice-l10n-de
  • suse-upgrade-libreoffice-l10n-dgo
  • suse-upgrade-libreoffice-l10n-dsb
  • suse-upgrade-libreoffice-l10n-dz
  • suse-upgrade-libreoffice-l10n-el
  • suse-upgrade-libreoffice-l10n-en
  • suse-upgrade-libreoffice-l10n-en_gb
  • suse-upgrade-libreoffice-l10n-en_za
  • suse-upgrade-libreoffice-l10n-eo
  • suse-upgrade-libreoffice-l10n-es
  • suse-upgrade-libreoffice-l10n-et
  • suse-upgrade-libreoffice-l10n-eu
  • suse-upgrade-libreoffice-l10n-fa
  • suse-upgrade-libreoffice-l10n-fi
  • suse-upgrade-libreoffice-l10n-fr
  • suse-upgrade-libreoffice-l10n-fur
  • suse-upgrade-libreoffice-l10n-fy
  • suse-upgrade-libreoffice-l10n-ga
  • suse-upgrade-libreoffice-l10n-gd
  • suse-upgrade-libreoffice-l10n-gl
  • suse-upgrade-libreoffice-l10n-gu
  • suse-upgrade-libreoffice-l10n-gug
  • suse-upgrade-libreoffice-l10n-he
  • suse-upgrade-libreoffice-l10n-hi
  • suse-upgrade-libreoffice-l10n-hr
  • suse-upgrade-libreoffice-l10n-hsb
  • suse-upgrade-libreoffice-l10n-hu
  • suse-upgrade-libreoffice-l10n-id
  • suse-upgrade-libreoffice-l10n-is
  • suse-upgrade-libreoffice-l10n-it
  • suse-upgrade-libreoffice-l10n-ja
  • suse-upgrade-libreoffice-l10n-ka
  • suse-upgrade-libreoffice-l10n-kab
  • suse-upgrade-libreoffice-l10n-kk
  • suse-upgrade-libreoffice-l10n-km
  • suse-upgrade-libreoffice-l10n-kmr_latn
  • suse-upgrade-libreoffice-l10n-kn
  • suse-upgrade-libreoffice-l10n-ko
  • suse-upgrade-libreoffice-l10n-kok
  • suse-upgrade-libreoffice-l10n-ks
  • suse-upgrade-libreoffice-l10n-lb
  • suse-upgrade-libreoffice-l10n-lo
  • suse-upgrade-libreoffice-l10n-lt
  • suse-upgrade-libreoffice-l10n-lv
  • suse-upgrade-libreoffice-l10n-mai
  • suse-upgrade-libreoffice-l10n-mk
  • suse-upgrade-libreoffice-l10n-ml
  • suse-upgrade-libreoffice-l10n-mn
  • suse-upgrade-libreoffice-l10n-mni
  • suse-upgrade-libreoffice-l10n-mr
  • suse-upgrade-libreoffice-l10n-my
  • suse-upgrade-libreoffice-l10n-nb
  • suse-upgrade-libreoffice-l10n-ne
  • suse-upgrade-libreoffice-l10n-nl
  • suse-upgrade-libreoffice-l10n-nn
  • suse-upgrade-libreoffice-l10n-nr
  • suse-upgrade-libreoffice-l10n-nso
  • suse-upgrade-libreoffice-l10n-oc
  • suse-upgrade-libreoffice-l10n-om
  • suse-upgrade-libreoffice-l10n-or
  • suse-upgrade-libreoffice-l10n-pa
  • suse-upgrade-libreoffice-l10n-pl
  • suse-upgrade-libreoffice-l10n-pt_br
  • suse-upgrade-libreoffice-l10n-pt_pt
  • suse-upgrade-libreoffice-l10n-ro
  • suse-upgrade-libreoffice-l10n-ru
  • suse-upgrade-libreoffice-l10n-rw
  • suse-upgrade-libreoffice-l10n-sa_in
  • suse-upgrade-libreoffice-l10n-sat
  • suse-upgrade-libreoffice-l10n-sd
  • suse-upgrade-libreoffice-l10n-si
  • suse-upgrade-libreoffice-l10n-sid
  • suse-upgrade-libreoffice-l10n-sk
  • suse-upgrade-libreoffice-l10n-sl
  • suse-upgrade-libreoffice-l10n-sq
  • suse-upgrade-libreoffice-l10n-sr
  • suse-upgrade-libreoffice-l10n-ss
  • suse-upgrade-libreoffice-l10n-st
  • suse-upgrade-libreoffice-l10n-sv
  • suse-upgrade-libreoffice-l10n-sw_tz
  • suse-upgrade-libreoffice-l10n-szl
  • suse-upgrade-libreoffice-l10n-ta
  • suse-upgrade-libreoffice-l10n-te
  • suse-upgrade-libreoffice-l10n-tg
  • suse-upgrade-libreoffice-l10n-th
  • suse-upgrade-libreoffice-l10n-tn
  • suse-upgrade-libreoffice-l10n-tr
  • suse-upgrade-libreoffice-l10n-ts
  • suse-upgrade-libreoffice-l10n-tt
  • suse-upgrade-libreoffice-l10n-ug
  • suse-upgrade-libreoffice-l10n-uk
  • suse-upgrade-libreoffice-l10n-uz
  • suse-upgrade-libreoffice-l10n-ve
  • suse-upgrade-libreoffice-l10n-vec
  • suse-upgrade-libreoffice-l10n-vi
  • suse-upgrade-libreoffice-l10n-xh
  • suse-upgrade-libreoffice-l10n-zh_cn
  • suse-upgrade-libreoffice-l10n-zh_tw
  • suse-upgrade-libreoffice-l10n-zu
  • suse-upgrade-libreoffice-librelogo
  • suse-upgrade-libreoffice-mailmerge
  • suse-upgrade-libreoffice-math
  • suse-upgrade-libreoffice-officebean
  • suse-upgrade-libreoffice-pyuno
  • suse-upgrade-libreoffice-qt5
  • suse-upgrade-libreoffice-sdk
  • suse-upgrade-libreoffice-sdk-doc
  • suse-upgrade-libreoffice-writer
  • suse-upgrade-libreoffice-writer-extensions
  • suse-upgrade-libreofficekit
  • suse-upgrade-libreofficekit-devel
  • suse-upgrade-libwps-0_4-4
  • suse-upgrade-libwps-devel
  • suse-upgrade-libwps-tools
  • suse-upgrade-mdds-1_4-devel
  • suse-upgrade-myspell-af_na
  • suse-upgrade-myspell-af_za
  • suse-upgrade-myspell-an
  • suse-upgrade-myspell-an_es
  • suse-upgrade-myspell-ar
  • suse-upgrade-myspell-ar_ae
  • suse-upgrade-myspell-ar_bh
  • suse-upgrade-myspell-ar_dz
  • suse-upgrade-myspell-ar_eg
  • suse-upgrade-myspell-ar_iq
  • suse-upgrade-myspell-ar_jo
  • suse-upgrade-myspell-ar_kw
  • suse-upgrade-myspell-ar_lb
  • suse-upgrade-myspell-ar_ly
  • suse-upgrade-myspell-ar_ma
  • suse-upgrade-myspell-ar_om
  • suse-upgrade-myspell-ar_qa
  • suse-upgrade-myspell-ar_sa
  • suse-upgrade-myspell-ar_sd
  • suse-upgrade-myspell-ar_sy
  • suse-upgrade-myspell-ar_tn
  • suse-upgrade-myspell-ar_ye
  • suse-upgrade-myspell-be_by
  • suse-upgrade-myspell-bg_bg
  • suse-upgrade-myspell-bn_bd
  • suse-upgrade-myspell-bn_in
  • suse-upgrade-myspell-bo
  • suse-upgrade-myspell-bo_cn
  • suse-upgrade-myspell-bo_in
  • suse-upgrade-myspell-br_fr
  • suse-upgrade-myspell-bs
  • suse-upgrade-myspell-bs_ba
  • suse-upgrade-myspell-ca
  • suse-upgrade-myspell-ca_ad
  • suse-upgrade-myspell-ca_es
  • suse-upgrade-myspell-ca_es_valencia
  • suse-upgrade-myspell-ca_fr
  • suse-upgrade-myspell-ca_it
  • suse-upgrade-myspell-cs_cz
  • suse-upgrade-myspell-da_dk
  • suse-upgrade-myspell-de
  • suse-upgrade-myspell-de_at
  • suse-upgrade-myspell-de_ch
  • suse-upgrade-myspell-de_de
  • suse-upgrade-myspell-dictionaries
  • suse-upgrade-myspell-el_gr
  • suse-upgrade-myspell-en
  • suse-upgrade-myspell-en_au
  • suse-upgrade-myspell-en_bs
  • suse-upgrade-myspell-en_bz
  • suse-upgrade-myspell-en_ca
  • suse-upgrade-myspell-en_gb
  • suse-upgrade-myspell-en_gh
  • suse-upgrade-myspell-en_ie
  • suse-upgrade-myspell-en_in
  • suse-upgrade-myspell-en_jm
  • suse-upgrade-myspell-en_mw
  • suse-upgrade-myspell-en_na
  • suse-upgrade-myspell-en_nz
  • suse-upgrade-myspell-en_ph
  • suse-upgrade-myspell-en_tt
  • suse-upgrade-myspell-en_us
  • suse-upgrade-myspell-en_za
  • suse-upgrade-myspell-en_zw
  • suse-upgrade-myspell-es
  • suse-upgrade-myspell-es_ar
  • suse-upgrade-myspell-es_bo
  • suse-upgrade-myspell-es_cl
  • suse-upgrade-myspell-es_co
  • suse-upgrade-myspell-es_cr
  • suse-upgrade-myspell-es_cu
  • suse-upgrade-myspell-es_do
  • suse-upgrade-myspell-es_ec
  • suse-upgrade-myspell-es_es
  • suse-upgrade-myspell-es_gt
  • suse-upgrade-myspell-es_hn
  • suse-upgrade-myspell-es_mx
  • suse-upgrade-myspell-es_ni
  • suse-upgrade-myspell-es_pa
  • suse-upgrade-myspell-es_pe
  • suse-upgrade-myspell-es_pr
  • suse-upgrade-myspell-es_py
  • suse-upgrade-myspell-es_sv
  • suse-upgrade-myspell-es_uy
  • suse-upgrade-myspell-es_ve
  • suse-upgrade-myspell-et_ee
  • suse-upgrade-myspell-fr_be
  • suse-upgrade-myspell-fr_ca
  • suse-upgrade-myspell-fr_ch
  • suse-upgrade-myspell-fr_fr
  • suse-upgrade-myspell-fr_lu
  • suse-upgrade-myspell-fr_mc
  • suse-upgrade-myspell-gd_gb
  • suse-upgrade-myspell-gl
  • suse-upgrade-myspell-gl_es
  • suse-upgrade-myspell-gu_in
  • suse-upgrade-myspell-gug
  • suse-upgrade-myspell-gug_py
  • suse-upgrade-myspell-he_il
  • suse-upgrade-myspell-hi_in
  • suse-upgrade-myspell-hr_hr
  • suse-upgrade-myspell-hu_hu
  • suse-upgrade-myspell-id
  • suse-upgrade-myspell-id_id
  • suse-upgrade-myspell-is
  • suse-upgrade-myspell-is_is
  • suse-upgrade-myspell-it_it
  • suse-upgrade-myspell-kmr_latn
  • suse-upgrade-myspell-kmr_latn_sy
  • suse-upgrade-myspell-kmr_latn_tr
  • suse-upgrade-myspell-lightproof-en
  • suse-upgrade-myspell-lightproof-hu_hu
  • suse-upgrade-myspell-lightproof-pt_br
  • suse-upgrade-myspell-lightproof-ru_ru
  • suse-upgrade-myspell-lo_la
  • suse-upgrade-myspell-lt_lt
  • suse-upgrade-myspell-lv_lv
  • suse-upgrade-myspell-nb_no
  • suse-upgrade-myspell-ne_np
  • suse-upgrade-myspell-nl_be
  • suse-upgrade-myspell-nl_nl
  • suse-upgrade-myspell-nn_no
  • suse-upgrade-myspell-no
  • suse-upgrade-myspell-oc_fr
  • suse-upgrade-myspell-pl_pl
  • suse-upgrade-myspell-pt_ao
  • suse-upgrade-myspell-pt_br
  • suse-upgrade-myspell-pt_pt
  • suse-upgrade-myspell-ro
  • suse-upgrade-myspell-ro_ro
  • suse-upgrade-myspell-ru_ru
  • suse-upgrade-myspell-si_lk
  • suse-upgrade-myspell-sk_sk
  • suse-upgrade-myspell-sl_si
  • suse-upgrade-myspell-sq_al
  • suse-upgrade-myspell-sr
  • suse-upgrade-myspell-sr_cs
  • suse-upgrade-myspell-sr_latn_cs
  • suse-upgrade-myspell-sr_latn_rs
  • suse-upgrade-myspell-sr_rs
  • suse-upgrade-myspell-sv_fi
  • suse-upgrade-myspell-sv_se
  • suse-upgrade-myspell-sw_tz
  • suse-upgrade-myspell-te
  • suse-upgrade-myspell-te_in
  • suse-upgrade-myspell-th_th
  • suse-upgrade-myspell-tr
  • suse-upgrade-myspell-tr_tr
  • suse-upgrade-myspell-uk_ua
  • suse-upgrade-myspell-vi
  • suse-upgrade-myspell-vi_vn
  • suse-upgrade-myspell-zu_za
  • suse-upgrade-python3-libixion
  • suse-upgrade-python3-liborcus

References

  • SUSE-SU-2019:1448-1
  • SUSE-SU-2019:1894-1
  • SUSE-SU-2019:2003-1
  • CVE-2018-16858
  • DSA-4381
  • USN-3883-1

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;