CVE-2020-12802 – remote graphics contained in docx format retrieved in 'stealth mode'
https://notcve.org/view.php?id=CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where remote graphic links loaded from docx documents were omitted from this protection prior to version 6.4.4. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4. LibreOffice tiene un "stealth mode" en el que solo los documentos de ubicaciones consideradas "trusted" pueden recuperar recursos remotos. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00058.html https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQIBAKXD7VO5IGBD7ZMH3GGBNR5R2IOA https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802 https://access.redhat.com/security/cve/CVE-2020-12802 https://bugzilla.redhat.com/show_bug.cgi?i • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-12801 – Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save
https://notcve.org/view.php?id=CVE-2020-12801
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801 • CWE-311: Missing Encryption of Sensitive Data CWE-312: Cleartext Storage of Sensitive Information •
CVE-2012-5639
https://notcve.org/view.php?id=CVE-2012-5639
LibreOffice and OpenOffice automatically open embedded content LibreOffice y OpenOffice abren automáticamente el contenido insertado. • http://www.openwall.com/lists/oss-security/2012/12/14/1 http://www.openwall.com/lists/oss-security/2023/12/28/6 http://www.openwall.com/lists/oss-security/2024/01/03/6 http://www.openwall.com/lists/oss-security/2024/01/03/7 https://access.redhat.com/security/cve/cve-2012-5639 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639 https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E https://sec • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2019-9853 – Insufficient URL decoding flaw in categorizing macro location
https://notcve.org/view.php?id=CVE-2019-9853
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1. Los documentos de LibreOffice pueden contener macros. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html http://seclists.org/fulldisclosure/2020/Feb/23 https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be • CWE-116: Improper Encoding or Escaping of Output CWE-838: Inappropriate Encoding for Output Context •
CVE-2019-9855 – Windows 8.3 path equivalence handling flaw allows LibreLogo script execution
https://notcve.org/view.php?id=CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855 • CWE-417: Communication Channel Errors •