Debian 8: DLA-1947-1 Critical: LibreOffice Document Security Issues
debian lts
October 6, 2019
Several vulnerabilities were discovered in LibreOffice, the office productivity suite
Topics Covered
Summary
CVE-2019-9848
Nils Emmerich discovered that malicious documents could execute
arbitrary Python code via LibreLogo.
CVE-2019-9849
Matei Badanoiu discovered that the stealth mode did not apply to
bullet graphics.
CVE-2019-9850
It was discovered that the protections implemented in CVE-2019-9848
could be bypassed because of insufficient URL validation.
CVE-2019-9851
Gabriel Masei discovered that malicious documents could execute
arbitrary pre-installed scripts.
CVE-2019-9852
Nils Emmerich discovered that the protection implemented to address
CVE-2018-16858 could be bypassed by a URL encoding attack.
CVE-2019-9853
Nils Emmerich discovered that malicious documents could bypass
document security settings to execute macros contained within the
document.
CVE-2019-9854
It was discovered that the protection implemented to address
CVE-2019-9852 could be bypassed because of insufficient input
sanitization.
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: libreoffice
Version: 1:4.3.3-2+deb8u13
CVE ID: CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!