CVE-2019-9852: Improper Encoding or Escaping of Output in Foundation Libreoffice

Severity

NVD: 7.8 HIGH
OSV: 9.8
EPSS: 0.1% (top 71.13%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline

Published: Aug 15
Latest update: May 24

Description

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed. However this new protection could b

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (6 packages)

CVEListV5: document_foundation/libreoffice, 6.2 to 6.2.7 (+2)
debian: debian/libreoffice, < libreoffice 1:6.3.0-1 (bookworm) (+1)
NVD: libreoffice/libreoffice, 6.2.0 to 6.2.7 (+2)
Debian: libreoffice/libreoffice, < 1:6.3.1~rc2-1 (+7)
Ubuntu: libreoffice/libreoffice, < 1:5.1.6~rc2-0ubuntu1~xenial9 (+1)

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 29, Ubuntu Linux 16.04, 18.04, 19.04, Enterprise Linux 7.0, 8.0

Patches

Vulnerability Details (7)

GHSA: GHSA-vgrf-j225-8963: LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document- (2022-05-24)
GHSA: GHSA-54x7-phmv-8vq8: LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document- (2022-05-24)
OSV: CVE-2019-9854: LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document- (2019-09-06)
CVEList: Unsafe URL assembly flaw in allowed script location check (2019-09-06)
OSV: libreoffice vulnerabilities (2019-08-19)

Vendor Advisories (5)

Red Hat: libreoffice: Unsafe URL assembly flaw in allowed script location check (2019-09-06)
Ubuntu: LibreOffice vulnerabilities (2019-08-19)
Red Hat: libreoffice: Insufficient URL encoding flaw in allowed script location check (2019-08-15)
Debian: CVE-2019-9852: libreoffice - LibreOffice has a feature where documents can specify that pre-installed macros ... (2019)
Debian: CVE-2019-9854: libreoffice - LibreOffice has a feature where documents can specify that pre-installed macros ... (2019)

Community (3)

Bugzilla: CVE-2019-9854 libreoffice: Unsafe URL assembly flaw in allowed script location check (2019-11-07)
Bugzilla: CVE-2019-9852 libreoffice: Insufficient URL encoding flaw in allowed script location check (2019-08-23)
Bugzilla: CVE-2019-9852 libreoffice: Insufficient URL encoding flaw in allowed script location check [fedora-all] (2019-08-23)