A flaw was found in the Libreoffice package. An attacker can craft an odb containing a “database/script” file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
CPE | Name | Operator | Version |
---|---|---|---|
fedora | eq | 38 | |
libreoffice | eq | 7.5.0 | |
libreoffice | lt | 7.4.6 | |
enterprise_linux | eq | 8.0 | |
enterprise_linux | eq | 9.0 |