CVE-2022-3140: Improper Input Validation in Document Foundation LibreOffice

Severity
NVD: 6.3 MEDIUM
OSV: 5.3
EPSS: 1.3% (top 20.09%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Oct 11, 2022
Latest update: Oct 20, 2022

Description

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme, 'vnd.libreoffice.command', specific to LibreOffice was added. In the affected versions of LibreOffice, links using that scheme could be constructed to call internal macros with arbitrary arguments; when such a link was clicked on, or activated by document events, the result could be arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice (the affected and fixed version ranges are listed under Affected Packages below).
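A practitioner triaging documents for this issue wants a quick check for links that use the scheme named above, both as clickable hyperlinks and as document-event handlers. The following Python script is an added example, not code from LibreOffice, cvebase or any of the advisories listed on this page: it opens an ODF document (a ZIP container), walks the XML parts and reports every xlink:href whose URI scheme is vnd.libreoffice.command. The only fact taken from the page is the scheme name; the sample document, the ODF element names it uses (text:a hyperlinks and script:event-listener entries) and the href payloads are constructed placeholders, not a real macro invocation.

```python
"""Scan an ODF document for links using the vnd.libreoffice.command scheme
(the scheme named in CVE-2022-3140).

Added example; not code from LibreOffice or cvebase. It inspects every
xlink:href attribute in content.xml and styles.xml, which covers hyperlinks
(text:a) as well as document-event handlers (script:event-listener), and
reports the ones whose scheme matches. The sample document is constructed
inline so the script runs offline.
"""
import io
import xml.etree.ElementTree as ET
import zipfile
from urllib.parse import urlsplit

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
SUSPECT_SCHEMES = {"vnd.libreoffice.command"}   # scheme named in the CVE text
XML_PARTS = ("content.xml", "styles.xml")        # ODF parts that carry links


def find_command_links(odf_bytes: bytes) -> list[dict]:
    """Return one finding per suspect link: {part, element, href}."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as zf:
        names = set(zf.namelist())
        for part in XML_PARTS:
            if part not in names:
                continue
            root = ET.fromstring(zf.read(part))
            for elem in root.iter():
                href = elem.get(XLINK_HREF)
                if href is None:
                    continue
                # urlsplit lowercases the scheme and accepts '.' in it, so
                # "VND.LibreOffice.Command:..." is matched as well.
                scheme = urlsplit(href.strip()).scheme
                if scheme in SUSPECT_SCHEMES:
                    findings.append({
                        "part": part,
                        "element": elem.tag.split("}")[-1],  # drop namespace
                        "href": href,
                    })
    return findings


def build_sample_odt() -> bytes:
    """Constructed test document (assumption, not a real sample): one benign
    https hyperlink, one hyperlink using the vnd.libreoffice.command scheme,
    and one document-event listener using the same scheme. The href values
    after the scheme are placeholders, not a working macro call."""
    content = """<?xml version="1.0" encoding="UTF-8"?>
<office:document-content
    xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
    xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0"
    xmlns:script="urn:oasis:names:tc:opendocument:xmlns:script:1.0"
    xmlns:xlink="http://www.w3.org/1999/xlink">
  <office:scripts>
    <office:event-listeners>
      <script:event-listener script:event-name="dom:load"
          xlink:href="vnd.libreoffice.command:placeholder-on-open"/>
    </office:event-listeners>
  </office:scripts>
  <office:body><office:text>
    <text:p><text:a xlink:href="https://example.org/">normal link</text:a></text:p>
    <text:p><text:a xlink:href="vnd.libreoffice.command:placeholder-on-click">click me</text:a></text:p>
  </office:text></office:body>
</office:document-content>
"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # ODF requires the mimetype entry to be stored uncompressed.
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.text",
                    compress_type=zipfile.ZIP_STORED)
        zf.writestr("content.xml", content)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in find_command_links(build_sample_odt()):
        print(f"{hit['part']}: <{hit['element']}> -> {hit['href']}")
```

To scan a real file, read its bytes and pass them to find_command_links; the event-listener hits are the ones that fire without a click, so they deserve the first look. The scanner flags the scheme only, not whether a particular target is dangerous, since the page does not describe the command syntax.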

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Exploitability: 2.8 | Impact: 3.4

Affected Packages (4 packages)

CVEListV5: the_document_foundation/libreoffice, introduced 7.4, fixed 7.4.1 (+1 more range not shown)
NVD: libreoffice/libreoffice, introduced 7.3.0, fixed 7.3.6 (+1 more range not shown)
Debian: libreoffice/libreoffice, affected < 1:7.0.4-4+deb11u4 (+3 more ranges not shown)
Ubuntu: libreoffice/libreoffice, affected < 1:6.0.7-0ubuntu0.18.04.12 (+2 more ranges not shown)

Also affects: Debian Linux 11.0, Fedora 35

Vulnerability Details (4 entries)

OSV: libreoffice vulnerabilities (2022-10-20)
GHSA: GHSA-6ggr-6xf8-p64w: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server (2022-10-12)
OSV: CVE-2022-3140: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server (2022-10-11)
CVEList: Macro URL arbitrary script execution (2022-10-11)

Vendor Advisories (3 entries)

Ubuntu: LibreOffice vulnerabilities (2022-10-20)
Red Hat: libreoffice: Macro URL arbitrary script execution (2022-10-11)
Debian: CVE-2022-3140: libreoffice - LibreOffice supports Office URI Schemes to enable browser integration of LibreOf... (2022)
CVE-2022-3140 — Improper Input Validation | cvebase