Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libreoffice | < 4:7.4.7-1+deb12u2 | libreoffice_4:7.4.7-1+deb12u2_all.deb |
Debian | 11 | all | libreoffice | < 1:7.0.4-4+deb11u9 | libreoffice_1:7.0.4-4+deb11u9_all.deb |
Debian | 999 | all | libreoffice | < 4:24.2.3~rc1-2 | libreoffice_4:24.2.3~rc1-2_all.deb |
Debian | 13 | all | libreoffice | < 4:24.2.3~rc1-2 | libreoffice_4:24.2.3~rc1-2_all.deb |