CVE-2025-1080
published 2025-03-04
CVE-2025-1080: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command'…
Priority P3 · 40 · high · 7.8 · CVSS 3.1
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS 0.29% · 20.8th percentile
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments.
This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | libreoffice | < libreoffice 4:7.4.7-1+deb12u7 (bookworm) | libreoffice 4:7.4.7-1+deb12u7 (bookworm) |
| libreoffice | libreoffice | >= 0 < 1:7.0.4-4+deb11u13 | 1:7.0.4-4+deb11u13 |
| libreoffice | libreoffice | >= 0 < 4:7.4.7-1+deb12u7 | 4:7.4.7-1+deb12u7 |
| libreoffice | libreoffice | >= 0 < 4:24.8.5-1 | 4:24.8.5-1 |
| libreoffice | libreoffice | >= 0 < 4:24.8.5-1 | 4:24.8.5-1 |
| libreoffice | libreoffice | >= 24.8.0.0 < 24.8.5.1 | 24.8.5.1 |
| libreoffice | libreoffice | >= 25.2.0.0 < 25.2.1.1 | 25.2.1.1 |
| the_document_foundation | libreoffice | >= 24.8 < 24.8.5 | 24.8.5 |
| the_document_foundation | libreoffice | >= 25.2 < 25.2.1 | 25.2.1 |
CVSS provenance
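| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 7.2 | HIGH | CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| osv | — | 7.2 | HIGH | — |
| vendor_debian | — | 7.2 | HIGH | — |
| vendor_redhat | — | 7.2 | HIGH | — |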
OSV
CVE-2025-1080: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server
osv·2025-03-04·CVSS 7.2
CVE-2025-1080 [HIGH] CVE-2025-1080: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
GHSA
GHSA-gcgr-r4x5-w79r: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server
ghsa_unreviewed·2025-03-04
CVE-2025-1080 [HIGH] CWE-20 GHSA-gcgr-r4x5-w79r: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments.
This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
Ubuntu
LibreOffice vulnerability
vendor_ubuntu·2025-03-10
CVE-2025-1080 LibreOffice vulnerability
Title: LibreOffice vulnerability
Summary: LibreOffice could be made to run programs if it opened a specially crafted
file.
It was discovered that LibreOffice incorrectly handled Office URI Schemes.
If a user or automated system were tricked into opening a specially crafted
LibreOffice file, a remote attacker could possibly use this issue to call
internal macros.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libreoffice: Macro URL arbitrary script execution
vendor_redhat·2025-03-04·CVSS 7.2
CVE-2025-1080 [HIGH] CWE-20 libreoffice: Macro URL arbitrary script execution
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments.
This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
A flaw was found in LibreOffice. In the affected versions of LibreOffice, a link in a browser using that scheme could be constructed with an embedded inner URL that, when passed to LibreOffice, could call internal macros with arbitrary arguments.
Statement
Debian
CVE-2025-1080: libreoffice - LibreOffice supports Office URI Schemes to enable browser integration of LibreOf...
vendor_debian·2025·CVSS 7.2
CVE-2025-1080 [HIGH] CVE-2025-1080: libreoffice - LibreOffice supports Office URI Schemes to enable browser integration of LibreOf...
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before 24.8.5, from 25.2 before 25.2.1.
Scope: local
bookworm: resolved (fixed in 4:7.4.7-1+deb12u7)
bullseye: resolved (fixed in 1:7.0.4-4+deb11u13)
forky: resolved (fixed in 4:24.8.5-1)
sid: resolved (fixed in 4:24.8.5-1)
trixie: resolved (fixed in 4:24.8.5-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-04
Published