CVE-2023-6186
Published: 2023-12-11
CVE-2023-6186: Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
Priority: P3 · 53 · high · CVSS 3.1 score 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.77% (51.1st percentile)
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
Affected (15 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libreoffice | < libreoffice 4:7.4.7-1+deb12u1 (bookworm) | libreoffice 4:7.4.7-1+deb12u1 (bookworm) |
| fedoraproject | fedora | — | — |
| libreoffice | libreoffice | >= 0 < 1:7.0.4-4+deb11u8 | 1:7.0.4-4+deb11u8 |
| libreoffice | libreoffice | >= 0 < 4:7.4.7-1+deb12u1 | 4:7.4.7-1+deb12u1 |
| libreoffice | libreoffice | >= 0 < 4:7.6.4~rc1-1 | 4:7.6.4~rc1-1 |
| libreoffice | libreoffice | >= 0 < 4:7.6.4~rc1-1 | 4:7.6.4~rc1-1 |
| libreoffice | libreoffice | >= 0 < 1:6.4.7-0ubuntu0.20.04.9 | 1:6.4.7-0ubuntu0.20.04.9 |
| libreoffice | libreoffice | >= 0 < 1:7.3.7-0ubuntu0.22.04.4 | 1:7.3.7-0ubuntu0.22.04.4 |
| libreoffice | libreoffice | >= 0 < 4:7.6.4-0ubuntu0.23.10.1 | 4:7.6.4-0ubuntu0.23.10.1 |
| libreoffice | libreoffice | >= 7.5.0 < 7.5.9 | 7.5.9 |
| libreoffice | libreoffice | >= 7.6.0 < 7.6.4 | 7.6.4 |
| the_document_foundation | libreoffice | >= 7.5 < 7.5.9 | 7.5.9 |
| the_document_foundation | libreoffice | >= 7.6 < 7.6.4 | 7.6.4 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| osv | — | 8.8 | HIGH | — |
| vendor_debian | — | 8.3 | HIGH | — |
| vendor_redhat | — | 8.3 | HIGH | — |
| vendor_ubuntu | — | 8.3 | HIGH | — |
OSV
libreoffice vulnerabilities
Source: osv · 2023-12-14 · CVSS 8.8 · CVE-2023-6185 [HIGH]
USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

Original advisory details:

Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)

Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186)
OSV
libreoffice vulnerabilities
Source: osv · 2023-12-11 · CVSS 8.8 · CVE-2023-6185 [HIGH]
Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)

Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186)
GHSA
GHSA-q565-g228-cgg3: Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning
Source: ghsa_unreviewed · 2023-12-11 · CVE-2023-6186 [HIGH] · CWE-281
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
OSV
CVE-2023-6186: Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning
Source: osv · 2023-12-11 · CVSS 8.8 · CVE-2023-6186 [HIGH]
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
Ubuntu
LibreOffice vulnerabilities
Source: vendor_ubuntu · 2023-12-14 · CVSS 8.3 · CVE-2023-6186 [HIGH]
Summary: Several security issues were fixed in LibreOffice.
USN-6546-1 fixed vulnerabilities in LibreOffice. This update provides the corresponding updates for Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

Original advisory details:

Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)

Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186)
Ubuntu
LibreOffice vulnerabilities
Source: vendor_ubuntu · 2023-12-11 · CVSS 8.3 · CVE-2023-6186 [HIGH]
Summary: Several security issues were fixed in LibreOffice.
Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)

Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libreoffice: Insufficient macro permission validation leading to macro execution
Source: vendor_redhat · 2023-12-11 · CVSS 8.3 · CVE-2023-6186 [HIGH] · CWE-250
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user.
Package: libreoffice (Red Hat Enterprise Linux 6) - Out of support scope
Package: libreoffice (Red Hat Enterprise Linux 7) - Will not fix
Package: libreoffice:flatpak/libreoffice (Red Hat Enterprise Linux 8)
Debian
CVE-2023-6186: libreoffice - Insufficient macro permission validation of The Document Foundation LibreOffice ...
Source: vendor_debian · 2023 · CVSS 8.3 · CVE-2023-6186 [HIGH]
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
Scope: local
bookworm: resolved (fixed in 4:7.4.7-1+deb12u1)
bullseye: resolved (fixed in 1:7.0.4-4+deb11u8)
forky: resolved (fixed in 4:7.6.4~rc1-1)
sid: resolved (fixed in 4:7.6.4~rc1-1)
trixie: resolved (fixed in 4:7.6.4~rc1-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html
- https://lists.fedoraproject.org/archives/list/[email protected]/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/
- https://www.debian.org/security/2023/dsa-5574
- https://www.libreoffice.org/about-us/security/advisories/cve-2023-6186