CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.8%
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
Security Fix(es):
libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands (CVE-2019-9848)
libreoffice: Insufficient URL validation allowing LibreLogo script execution (CVE-2019-9850)
libreoffice: LibreLogo global-event script execution (CVE-2019-9851)
libreoffice: Insufficient URL encoding flaw in allowed script location check (CVE-2019-9852)
libreoffice: Insufficient URL decoding flaw in categorizing macro location (CVE-2019-9853)
libreoffice: Unsafe URL assembly flaw in allowed script location check (CVE-2019-9854)
libreoffice: Remote resources protection module not applied to bullet graphics (CVE-2019-9849)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | libreoffice-help-zh-hant | < 5.3.6.1-24.el7 | libreoffice-help-zh-Hant-5.3.6.1-24.el7.x86_64.rpm |
RedHat | 7 | x86_64 | libreoffice-help-ko | < 5.3.6.1-24.el7 | libreoffice-help-ko-5.3.6.1-24.el7.x86_64.rpm |
RedHat | 7 | x86_64 | libreofficekit-devel | < 5.3.6.1-24.el7 | libreofficekit-devel-5.3.6.1-24.el7.x86_64.rpm |
RedHat | 7 | ppc64le | libreoffice-draw | < 5.3.6.1-24.el7 | libreoffice-draw-5.3.6.1-24.el7.ppc64le.rpm |
RedHat | 7 | x86_64 | libreoffice-help-zh-hans | < 5.3.6.1-24.el7 | libreoffice-help-zh-Hans-5.3.6.1-24.el7.x86_64.rpm |
RedHat | 7 | noarch | autocorr-sr | < 5.3.6.1-24.el7 | autocorr-sr-5.3.6.1-24.el7.noarch.rpm |
RedHat | 7 | noarch | autocorr-cs | < 5.3.6.1-24.el7 | autocorr-cs-5.3.6.1-24.el7.noarch.rpm |
RedHat | 7 | x86_64 | libreoffice-help-da | < 5.3.6.1-24.el7 | libreoffice-help-da-5.3.6.1-24.el7.x86_64.rpm |
RedHat | 7 | noarch | autocorr-da | < 5.3.6.1-24.el7 | autocorr-da-5.3.6.1-24.el7.noarch.rpm |
RedHat | 7 | x86_64 | libreoffice-help-ta | < 5.3.6.1-24.el7 | libreoffice-help-ta-5.3.6.1-24.el7.x86_64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.8%