Showing 1 - 3 of 3

CVE-2023-0950

Status Candidate

Overview

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.

Related Files

Gentoo Linux Security Advisory 202311-15: Posted Nov 27, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202311-15 - Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution. Versions greater than or equal to 7.5.3.2 are affected.; tags | advisory, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2023-0950, CVE-2023-2255; SHA-256 | 8565cab1b912e7da5df400c5a54f2c932ad31b19603f377bda4e59992ce4adbd; Download | Favorite | View

Ubuntu Security Notice USN-6144-1: Posted Jun 7, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.; tags | advisory, arbitrary, info disclosure; systems | linux, ubuntu; advisories | CVE-2023-0950, CVE-2023-2255; SHA-256 | 37dcbd392a52b90efbebd568b820d59b5bc9cea60ef156e11a7091896e446143; Download | Favorite | View

Debian Security Advisory 5415-1: Posted May 29, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5415-1 - Two security issues were discovered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowledged loading of linked documents within a floating frame.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2023-0950, CVE-2023-2255; SHA-256 | b27b03556ced9e9e09210b77f8b2ed4a4c103405a522b1cd9b043b091bc1cada; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 56 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,937)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,979)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2023-0950

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems