ArchLinux: 201908-9: libreoffice-still: multiple issues

    Date: 24 Aug 2019
    Category: ArchLinux
    Posted By: LinuxSecurity Advisories
    The package libreoffice-still before version 6.2.6-1 is vulnerable to multiple issues including arbitrary command execution and information disclosure.
    Arch Linux Security Advisory ASA-201908-9
    =========================================
    
    Severity: High
    Date    : 2019-08-16
    CVE-ID  : CVE-2019-9848 CVE-2019-9849
    Package : libreoffice-still
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1010
    
    Summary
    =======
    
    The package libreoffice-still before version 6.2.6-1 is vulnerable to
    multiple issues including arbitrary command execution and information
    disclosure.
    
    Resolution
    ==========
    
    Upgrade to 6.2.6-1.
    
    # pacman -Syu "libreoffice-still>=6.2.6-1"
    
    The problems have been fixed upstream in version 6.2.6.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2019-9848 (arbitrary command execution)
    
    An issue has been found in LibreOffice before 6.2.5: documents can
    specify that pre-installed scripts are executed on various document
    events, such as mouse-over. LibreOffice is typically also bundled with
    LibreLogo, a programmable turtle vector graphics script, which can be
    manipulated into executing arbitrary Python commands. By using the
    document event feature to trigger LibreLogo to execute Python contained
    within the document, a malicious document could be constructed which
    would execute arbitrary Python commands silently, without any warning.
    In the fixed versions, LibreLogo cannot be called from a document event
    handler.
    
    - CVE-2019-9849 (information disclosure)
    
    LibreOffice has a 'stealth mode' in which only documents from locations
    deemed 'trusted' are allowed to retrieve remote resources. This mode is
    not the default mode, but can be enabled by users who want to disable
    LibreOffice's ability to include remote resources within a document. A
    flaw existed where bullet graphics were omitted from this protection
    prior to version 6.2.5.
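A detection-side illustration of the CVE-2019-9848 trigger described above: an added example (not part of the advisory or of LibreOffice's code) that unpacks an ODF document and reports document-event listeners whose macro URI names LibreLogo. The sample document is constructed in memory, and the listener's `xlink:href` value is a labelled placeholder, not the real LibreLogo script URI.

```python
"""Flag ODF documents whose document-event listeners invoke LibreLogo."""
import io
import zipfile
import xml.etree.ElementTree as ET

# Real ODF / XLink namespace URIs used by content.xml and styles.xml.
NS_SCRIPT = "urn:oasis:names:tc:opendocument:xmlns:script:1.0"
NS_XLINK = "http://www.w3.org/1999/xlink"


def find_event_listeners(xml_bytes):
    """Return (event_name, href) for every script:event-listener in an ODF XML part."""
    root = ET.fromstring(xml_bytes)
    found = []
    for el in root.iter(f"{{{NS_SCRIPT}}}event-listener"):
        name = el.get(f"{{{NS_SCRIPT}}}event-name", "")
        href = el.get(f"{{{NS_XLINK}}}href", "")
        found.append((name, href))
    return found


def is_librelogo(href):
    """A document event bound to LibreLogo is the CVE-2019-9848 pattern."""
    return "librelogo" in href.lower()


def scan_odf(fileobj):
    """Scan content.xml and styles.xml of an ODF zip; return LibreLogo-bound listeners."""
    hits = []
    with zipfile.ZipFile(fileobj) as zf:
        for part in ("content.xml", "styles.xml"):
            if part not in zf.namelist():
                continue
            for event, href in find_event_listeners(zf.read(part)):
                if is_librelogo(href):
                    hits.append((part, event, href))
    return hits


# Constructed sample content.xml with one document-load listener. The href is a
# placeholder that only shares the "LibreLogo" component the scanner keys on.
SAMPLE_CONTENT_XML = b"""<?xml version="1.0" encoding="UTF-8"?>
<office:document-content
  xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
  xmlns:script="urn:oasis:names:tc:opendocument:xmlns:script:1.0"
  xmlns:xlink="http://www.w3.org/1999/xlink">
  <office:scripts><office:event-listeners>
    <script:event-listener script:event-name="office:load"
      script:language="ooo:script" xlink:type="simple"
      xlink:href="vnd.sun.star.script:LibreLogo|PLACEHOLDER-TARGET"/>
  </office:event-listeners></office:scripts>
</office:document-content>"""


def build_sample_odt():
    """Build a constructed in-memory .odt (zip) around SAMPLE_CONTENT_XML."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.text")
        zf.writestr("content.xml", SAMPLE_CONTENT_XML)
    buf.seek(0)
    return buf
```

Pass a path or open file to `scan_odf` to check real documents; an empty result means no document event is bound to LibreLogo, which is what the 6.2.6 fix enforces at runtime.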
    
    Impact
    ======
    
    A remote attacker is able to execute arbitrary commands via a specially
    crafted document or disclose bullet graphics from locations which
    should be hidden when 'stealth mode' is enabled.
    
    References
    ==========
    
    https://security.archlinux.org/CVE-2019-9848
    https://security.archlinux.org/CVE-2019-9849
    https://www.libreoffice.org/about-us/security/advisories/cve-2019-9848
    https://github.com/LibreOffice/core/commit/5d47b7b3f6a134037f1f3d8c018505244d7be484
    https://github.com/LibreOffice/core/commit/3dd024a28a98a9d4b4efc3c7ec6acaa94d2b25fd
    https://www.libreoffice.org/about-us/security/advisories/cve-2019-9849
    