Description
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 7 | |||
| libreoffice-1:5.3.6.1-19.el7 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2018:3054 | 2018-10-30T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Ubuntu USN |
USN-3883-1 | LibreOffice vulnerabilities |
References
History
No history.
Subscriptions
Apache
Subscribe
Openoffice
Subscribe
Canonical
Subscribe
Ubuntu Linux
Subscribe
Debian
Subscribe
Debian Linux
Subscribe
Libreoffice
Subscribe
Libreoffice
Subscribe
Redhat
Subscribe
Enterprise Linux
Subscribe
Enterprise Linux Desktop
Subscribe
Enterprise Linux Server
Subscribe
Enterprise Linux Workstation
Subscribe
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T07:39:08.539Z
Reserved: 2018-05-01T00:00:00.000Z
Link: CVE-2018-10583
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-05-01T16:29:00.383
Modified: 2024-11-21T03:41:36.390
Link: CVE-2018-10583
Redhat
OpenCVE Enrichment
No data.
Weaknesses