rpm package
suse/libreoffice&distro=SUSE Linux Enterprise Workstation Extension 15
pkg:rpm/suse/libreoffice&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9855 | — | < 6.2.7.1-3.24.4 | 6.2.7.1-3.24.4 | Sep 6, 2019 | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be | ||
| CVE-2019-9854 | — | < 6.2.7.1-3.24.4 | 6.2.7.1-3.24.4 | Sep 6, 2019 | LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of th | ||
| CVE-2019-9852 | — | < 6.2.6.2-3.21.1 | 6.2.6.2-3.21.1 | Aug 15, 2019 | LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of th | ||
| CVE-2019-9851 | — | < 6.2.6.2-3.21.1 | 6.2.6.2-3.21.1 | Aug 15, 2019 | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document eve | ||
| CVE-2019-9850 | — | < 6.2.6.2-3.21.1 | 6.2.6.2-3.21.1 | Aug 15, 2019 | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be | ||
| CVE-2019-9849 | — | < 6.2.6.2-3.21.1 | 6.2.6.2-3.21.1 | Jul 17, 2019 | LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a documen | ||
| CVE-2019-9848 | — | < 6.2.6.2-3.21.1 | 6.2.6.2-3.21.1 | Jul 17, 2019 | LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into e | ||
| CVE-2018-16858 | — | < 6.2.5.2-3.18.5 | 6.2.5.2-3.18.5 | Mar 25, 2019 | It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho | ||
| CVE-2018-10583 | — | < 6.0.5.2-3.3.5 | 6.0.5.2-3.3.5 | May 1, 2018 | An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content |
- CVE-2019-9855Sep 6, 2019affected < 6.2.7.1-3.24.4fixed 6.2.7.1-3.24.4
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be
- CVE-2019-9854Sep 6, 2019affected < 6.2.7.1-3.24.4fixed 6.2.7.1-3.24.4
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of th
- CVE-2019-9852Aug 15, 2019affected < 6.2.6.2-3.21.1fixed 6.2.6.2-3.21.1
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of th
- CVE-2019-9851Aug 15, 2019affected < 6.2.6.2-3.21.1fixed 6.2.6.2-3.21.1
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document eve
- CVE-2019-9850Aug 15, 2019affected < 6.2.6.2-3.21.1fixed 6.2.6.2-3.21.1
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be
- CVE-2019-9849Jul 17, 2019affected < 6.2.6.2-3.21.1fixed 6.2.6.2-3.21.1
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a documen
- CVE-2019-9848Jul 17, 2019affected < 6.2.6.2-3.21.1fixed 6.2.6.2-3.21.1
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into e
- CVE-2018-16858Mar 25, 2019affected < 6.2.5.2-3.18.5fixed 6.2.5.2-3.18.5
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python metho
- CVE-2018-10583May 1, 2018affected < 6.0.5.2-3.3.5fixed 6.0.5.2-3.3.5
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content