CVSS: 5.5EPSS: 6%CPEs: 5EXPL: 0CVE-2023-1183 – Arbitrary file write
https://notcve.org/view.php?id=CVE-2023-1183
22 Jun 2023 — A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in .script and .log files. Hsqldb supports a "SCRIPT" keyword which is normally used to record the commands input by the databas... • http://www.openwall.com/lists/oss-security/2023/12/28/4 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-25635 – Content Manipulation with Certificate Validation Attack
https://notcve.org/view.php?id=CVE-2021-25635
11 May 2022 — An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1. A flaw was found in LibreOffice, where it im... • https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-25634 – Timestamp Manipulation with Signature Wrapping
https://notcve.org/view.php?id=CVE-2021-25634
12 Oct 2021 — LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Documen... • https://www.debian.org/security/2021/dsa-4988 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-25633 – Content Manipulation with Double Certificate Attack
https://notcve.org/view.php?id=CVE-2021-25633
11 Oct 2021 — LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to displ... • https://www.debian.org/security/2021/dsa-4988 • CWE-295: Improper Certificate Validation •
CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 1CVE-2021-25631 – denylist of executable filename extensions possible to bypass under windows
https://notcve.org/view.php?id=CVE-2021-25631
03 May 2021 — In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type. En la serie LibreOffice 7-1 en versiones anteriores a 7.1.2, y en la serie 7-0 en versiones anteriores a 7.0.5, la denylist puede ser omitida al manipular el enlace para que no coincida con la denylist pero resulte en ShellExecute intentando in... • https://positive.security/blog/url-open-rce#open-libreoffice • CWE-184: Incomplete List of Disallowed Inputs •