Debian Libreoffice vulnerabilities
74 known vulnerabilities affecting debian/libreoffice.
Total CVEs: 74
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 8, HIGH 32, MEDIUM 13, LOW 21
Vulnerabilities
Page 2 of 4
CVE-2021-25634 | HIGH | CVSS 7.5 | fixed in libreoffice 1:7.2.0-2 (bookworm) | 2021
CVE-2021-25634 [HIGH] CVE-2021-25634: libreoffice - LibreOffice supports digital signatures of ODF documents and macros within docum...
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signi

CVE-2021-25633 | HIGH | CVSS 7.5 | fixed in libreoffice 1:7.2.0-2 (bookworm) | 2021
CVE-2021-25633 [HIGH] CVE-2021-25633: libreoffice - LibreOffice supports digital signatures of ODF documents and macros within docum...
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the document

CVE-2021-25636 | HIGH | CVSS 7.5 | fixed in libreoffice 1:7.3.0-1 (bookworm) | 2021
CVE-2021-25636 [HIGH] CVE-2021-25636: libreoffice - LibreOffice supports digital signatures of ODF documents and macros within docum...
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the document

CVE-2021-25635 | LOW | CVSS 5.2 | 2021
CVE-2021-25635 [MEDIUM] CVE-2021-25635: libreoffice - An Improper Certificate Validation vulnerability in LibreOffice allowed an atta...
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature

CVE-2021-25631 | LOW | CVSS 8.8 | 2021
CVE-2021-25631 [HIGH] CVE-2021-25631: libreoffice - In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series ...
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolve

CVE-2020-12803 | LOW | CVSS 6.5 | fixed in libreoffice 1:6.4.4-1 (bookworm) | 2020
CVE-2020-12803 [MEDIUM] CVE-2020-12803: libreoffice - ODF documents can contain forms to be filled out by the user. Similar to HTML fo...
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need for macros or other active scripting Prior to version 6.4.4 LibreO

CVE-2020-12801 | LOW | CVSS 5.3 | fixed in libreoffice 1:6.4.3-1 (bookworm) | 2020
CVE-2020-12801 [MEDIUM] CVE-2020-12801: libreoffice - If LibreOffice has an encrypted document open and crashes, that document is auto...
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice

CVE-2020-12802 | LOW | CVSS 5.3 | fixed in libreoffice 1:6.4.4-1 (bookworm) | 2020
CVE-2020-12802 [MEDIUM] CVE-2020-12802: libreoffice - LibreOffice has a 'stealth mode' in which only documents from locations deemed '...
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitt

CVE-2019-9850 | CRITICAL | CVSS 9.8 | fixed in libreoffice 1:6.3.0-1 (bookworm) | 2019
CVE-2019-9850 [CRITICAL] CVE-2019-9850: libreoffice - LibreOffice is typically bundled with LibreLogo, a programmable turtle vector gr...
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection wa

CVE-2019-9851 | CRITICAL | CVSS 9.8 | PoC | fixed in libreoffice 1:6.3.0-1 (bookworm) | 2019
CVE-2019-9851 [CRITICAL] CVE-2019-9851: libreoffice - LibreOffice is typically bundled with LibreLogo, a programmable turtle vector gr...
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handlers, e.g. mouse over. However LibreOffice also has a separate featur

CVE-2019-9848 | CRITICAL | CVSS 9.8 | PoC | fixed in libreoffice 1:6.3.0~rc1-1 (bookworm) | 2019
CVE-2019-9848 [CRITICAL] CVE-2019-9848: libreoffice - LibreOffice has a feature where documents can specify that pre-installed scripts...
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger

CVE-2019-9853 | HIGH | CVSS 7.8 | fixed in libreoffice 1:6.3.0-1 (bookworm) | 2019
CVE-2019-9853 [HIGH] CVE-2019-9853: libreoffice - LibreOffice documents can contain macros. The execution of those macros is contr...
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros is blocked by default. A URL decoding flaw existed in how the URLs to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypass

CVE-2019-9852 | HIGH | CVSS 7.8 | fixed in libreoffice 1:6.3.0-1 (bookworm) | 2019
CVE-2019-9852 [HIGH] CVE-2019-9852: libreoffice - LibreOffice has a feature where documents can specify that pre-installed macros ...
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2018-16858, to avoid a dir

CVE-2019-9854 | HIGH | CVSS 7.8 | fixed in libreoffice 1:6.3.1~rc2-1 (bookworm) | 2019
CVE-2019-9854 [HIGH] CVE-2019-9854: libreoffice - LibreOffice has a feature where documents can specify that pre-installed macros ...
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a dire

CVE-2019-9849 | MEDIUM | CVSS 4.3 | fixed in libreoffice 1:6.3.0~rc1-1 (bookworm) | 2019
CVE-2019-9849 [MEDIUM] CVE-2019-9849: libreoffice - LibreOffice has a 'stealth mode' in which only documents from locations deemed '...
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to v

CVE-2019-9855 | LOW | CVSS 9.8 | 2019
CVE-2019-9855 [CRITICAL] CVE-2019-9855: libreoffice - LibreOffice is typically bundled with LibreLogo, a programmable turtle vector gr...
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection wa

CVE-2019-9847 | LOW | CVSS 7.8 | 2019
CVE-2019-9847 [HIGH] CVE-2019-9847: libreoffice - A vulnerability in LibreOffice hyperlink processing allows an attacker to constr...
A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target user's file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated

CVE-2018-6871 | CRITICAL | CVSS 9.8 | PoC | fixed in libreoffice 1:6.0.1-1 (bookworm) | 2018
CVE-2018-6871 [CRITICAL] CVE-2018-6871: libreoffice - LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read ar...
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.
Scope: local
bookworm: resolved (fixed in 1:6.0.1-1)
bullseye: resolved (fixed in 1:6.0.1-1)
forky: resolved (fixed in 1:6.0.1-1)
sid: resolved (fixed in 1:6.0.1-1)
trixie: resolved

CVE-2018-11790 | HIGH | CVSS 7.8 | fixed in libreoffice 1:4.0.3-1 (bookworm) | 2018
CVE-2018-11790 [HIGH] CVE-2018-11790: libreoffice - When loading a document with Apache Open Office 4.1.5 and earlier with smaller e...
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
Scope: local
bookworm: resolved (fixed in 1:4.0.3-1)
bullseye: resolved (fixed in 1:4.0.3-1)
forky: resolved (fixed in 1:4.0

CVE-2018-16858 | HIGH | CVSS 7.8 | PoC | fixed in libreoffice 1:6.1.3-1 (bookworm) | 2018
CVE-2018-16858 [HIGH] CVE-2018-16858: libreoffice - It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to ...
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the Lib