General : LibreOffice Multiple Vulnerabilities (Jul 2019)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.815423

Categoría: General

Título: LibreOffice Multiple Vulnerabilities (Jul 2019) - Mac OS X

Resumen: LibreOffice is prone to multiple vulnerabilities.

Descripción: Summary:
LibreOffice is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An improper validation for user supplied input when document event feature
trigger LibreLogo to execute python contained within a document.

- Remote bullet graphics were omitted from stealth mode protection.

Vulnerability Impact:
Successful exploitation will allow attackers
to execute arbitrary python commands silently without warning and retrieve
remote resources from untrusted locations.

Affected Software/OS:
LibreOffice prior to version 6.2.5.

Solution:
Update to version 6.2.5 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-9848
BugTraq ID: 109374
http://www.securityfocus.com/bid/109374
Bugtraq: 20190815 [SECURITY] [DSA 4501-1] libreoffice security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/28
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/
https://security.gentoo.org/glsa/201908-13
https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html
SuSE Security Announcement: openSUSE-SU-2019:2057 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html
SuSE Security Announcement: openSUSE-SU-2019:2183 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html
https://usn.ubuntu.com/4063-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-9849

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.815423
Categoría:	General
Título:	LibreOffice Multiple Vulnerabilities (Jul 2019) - Mac OS X
Resumen:	LibreOffice is prone to multiple vulnerabilities.
Descripción:	Summary: LibreOffice is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An improper validation for user supplied input when document event feature trigger LibreLogo to execute python contained within a document. - Remote bullet graphics were omitted from stealth mode protection. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary python commands silently without warning and retrieve remote resources from untrusted locations. Affected Software/OS: LibreOffice prior to version 6.2.5. Solution: Update to version 6.2.5 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9848 BugTraq ID: 109374 http://www.securityfocus.com/bid/109374 Bugtraq: 20190815 [SECURITY] [DSA 4501-1] libreoffice security update (Google Search) https://seclists.org/bugtraq/2019/Aug/28 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPTZJCNN52VNGSVC5DFKVW3EDMRDWKMP/ https://security.gentoo.org/glsa/201908-13 https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html SuSE Security Announcement: openSUSE-SU-2019:2057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html SuSE Security Announcement: openSUSE-SU-2019:2183 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html https://usn.ubuntu.com/4063-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9849
Copyright	Copyright (C) 2019 Greenbone Networks GmbH