Arch Linux Security Advisory ASA-201908-9
========================================
Severity: High
Date    : 2019-08-16
CVE-ID  : CVE-2019-9848 CVE-2019-9849
Package : libreoffice-still
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1010

Summary
======
The package libreoffice-still before version 6.2.6-1 is vulnerable to
multiple issues including arbitrary command execution and information
disclosure.

Resolution
=========
Upgrade to 6.2.6-1.

# pacman -Syu "libreoffice-still>=6.2.6-1"

The problems have been fixed upstream in version 6.2.6.

Workaround
=========
None.

Description
==========
- CVE-2019-9848 (arbitrary command execution)

An issue has been found in LibreOffice before 6.2.5, where documents
can specify that pre-installed scripts can be executed on various
document events such as mouse-over, etc. LibreOffice is typically also
bundled with LibreLogo, a programmable turtle vector graphics script,
which can be manipulated into executing arbitrary python commands. By
using the document event feature to trigger LibreLogo to execute python
contained within a document a malicious document could be constructed
which would execute arbitrary python commands silently without warning.
In the fixed versions, LibreLogo cannot be called from a document event
handler.

- CVE-2019-9849 (information disclosure)

LibreOffice has a 'stealth mode' in which only documents from locations
deemed 'trusted' are allowed to retrieve remote resources. This mode is
not the default mode, but can be enabled by users who want to disable
LibreOffice's ability to include remote resources within a document. A
flaw existed where bullet graphics were omitted from this protection
prior to version 6.2.5.

Impact
=====
A remote attacker is able to execute arbitrary commands via a specially
crafted document or disclose bullet graphics from locations which
should be hidden when 'stealth mode' is enabled.

References
=========
https://security.archlinux.org/CVE-2019-9848
https://security.archlinux.org/CVE-2019-9849
https://www.libreoffice.org/about-us/security/advisories/cve-2019-9848
https://github.com/LibreOffice/core/commit/5d47b7b3f6a134037f1f3d8c018505244d7be484
https://github.com/LibreOffice/core/commit/3dd024a28a98a9d4b4efc3c7ec6acaa94d2b25fd
https://www.libreoffice.org/about-us/security/advisories/cve-2019-9849
https://security.archlinux.org/CVE-2019-9848
https://security.archlinux.org/CVE-2019-9849

ArchLinux: 201908-9: libreoffice-still: multiple issues

August 24, 2019

Summary

- CVE-2019-9848 (arbitrary command execution) An issue has been found in LibreOffice before 6.2.5, where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler.
- CVE-2019-9849 (information disclosure)
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5.

Resolution

Upgrade to 6.2.6-1. # pacman -Syu "libreoffice-still>=6.2.6-1"
The problems have been fixed upstream in version 6.2.6.

References

https://security.archlinux.org/CVE-2019-9848 https://security.archlinux.org/CVE-2019-9849 https://www.libreoffice.org/about-us/security/advisories/cve-2019-9848 https://github.com/LibreOffice/core/commit/5d47b7b3f6a134037f1f3d8c018505244d7be484 https://github.com/LibreOffice/core/commit/3dd024a28a98a9d4b4efc3c7ec6acaa94d2b25fd https://www.libreoffice.org/about-us/security/advisories/cve-2019-9849 https://security.archlinux.org/CVE-2019-9848 https://security.archlinux.org/CVE-2019-9849

Severity
Package : libreoffice-still
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1010

Workaround

None.

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved