CVE-2023-0950
published 2023-05-25CVE-2023-0950: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet…
PriorityP339high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.30%
21.6th percentile
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libreoffice | < libreoffice 4:7.4.5-3 (bookworm) | libreoffice 4:7.4.5-3 (bookworm) |
| libreoffice | libreoffice | >= 0 < 1:7.0.4-4+deb11u7 | 1:7.0.4-4+deb11u7 |
| libreoffice | libreoffice | >= 0 < 4:7.4.5-3 | 4:7.4.5-3 |
| libreoffice | libreoffice | >= 0 < 4:7.4.5-3 | 4:7.4.5-3 |
| libreoffice | libreoffice | >= 0 < 4:7.4.5-3 | 4:7.4.5-3 |
| libreoffice | libreoffice | >= 0 < 1:6.4.7-0ubuntu0.20.04.8 | 1:6.4.7-0ubuntu0.20.04.8 |
| libreoffice | libreoffice | >= 0 < 1:7.3.7-0ubuntu0.22.04.3 | 1:7.3.7-0ubuntu0.22.04.3 |
| libreoffice | libreoffice | >= 7.4.0 < 7.4.6 | 7.4.6 |
| libreoffice | libreoffice | >= 7.5.0 < 7.5.2 | 7.5.2 |
| the_document_foundation | libreoffice | >= 7.4 < 7.4.6 | 7.4.6 |
| the_document_foundation | libreoffice | >= 7.5 < 7.5.1 | 7.5.1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
libreoffice vulnerabilities
osv·2023-06-07·CVSS 7.8
CVE-2023-0950 [HIGH] libreoffice vulnerabilities
libreoffice vulnerabilities
It was discovered that LibreOffice did not properly validate the number of
parameters passed to the formula interpreter, leading to an array index
underflow attack. If a user were tricked into opening a specially crafted
spreadsheet file, an attacker could possibly use this issue to execute
arbitrary code. (CVE-2023-0950)
Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user
before loading the host document inside an IFrame. If a user were tricked
into opening a specially crafted input file, an attacker could possibly use
this issue to cause information disclosure or execute arbitrary code.
(CVE-2023-2255)
GHSA
GHSA-qv23-hw3g-384q: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spr
ghsa_unreviewed·2023-05-25
CVE-2023-0950 [HIGH] CWE-129 GHSA-qv23-hw3g-384q: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spr
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
OSV
CVE-2023-0950: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spr
osv·2023-05-25·CVSS 7.8
CVE-2023-0950 [HIGH] CVE-2023-0950: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spr
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
Ubuntu
LibreOffice vulnerabilities
vendor_ubuntu·2023-06-07·CVSS 7.8
CVE-2023-2255 [HIGH] LibreOffice vulnerabilities
Title: LibreOffice vulnerabilities
Summary: Several security issues were fixed in LibreOffice.
It was discovered that LibreOffice did not properly validate the number of
parameters passed to the formula interpreter, leading to an array index
underflow attack. If a user were tricked into opening a specially crafted
spreadsheet file, an attacker could possibly use this issue to execute
arbitrary code. (CVE-2023-0950)
Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user
before loading the host document inside an IFrame. If a user were tricked
into opening a specially crafted input file, an attacker could possibly use
this issue to cause information disclosure or execute arbitrary code.
(CVE-2023-2255)
Instructions: In general, a standard system update will make all th
Red Hat
libreoffice: Array index underflow in Calc formula parsing
vendor_redhat·2023-05-25·CVSS 7.8
CVE-2023-0950 [HIGH] CWE-129 libreoffice: Array index underflow in Calc formula parsing
libreoffice: Array index underflow in Calc formula parsing
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
A vulnerability was found in LibreOffice. Improper validation of the array index in the spreadsheet componen
Debian
CVE-2023-0950: libreoffice - Improper Validation of Array Index vulnerability in the spreadsheet component of...
vendor_debian·2023·CVSS 7.8
CVE-2023-0950 [HIGH] CVE-2023-0950: libreoffice - Improper Validation of Array Index vulnerability in the spreadsheet component of...
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
Scope: local
bookworm: resolved (fixed in 4:7.4.5-3)
bullseye: resolved (fixed in 1:7.0.4-4+deb11u7)
forky: resolved (fixed in 4:7.4.5-3)
sid: resolved (fixed in 4:7.4.5
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://lists.debian.org/debian-lts-announce/2023/08/msg00014.htmlhttps://security.gentoo.org/glsa/202311-15https://www.debian.org/security/2023/dsa-5415https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950https://lists.debian.org/debian-lts-announce/2023/08/msg00014.htmlhttps://security.gentoo.org/glsa/202311-15https://www.debian.org/security/2023/dsa-5415https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950
2023-05-25
Published