Showing 1 - 2 of 2

CVE-2023-0950

Status Candidate

Overview

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.

Related Files

Ubuntu Security Notice USN-6144-1: Posted Jun 7, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6144-1 - It was discovered that LibreOffice did not properly validate the number of parameters passed to the formula interpreter, leading to an array index underflow attack. If a user were tricked into opening a specially crafted spreadsheet file, an attacker could possibly use this issue to execute arbitrary code. Amel Bouziane-Leblond discovered that LibreOffice did not prompt the user before loading the host document inside an IFrame. If a user were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause information disclosure or execute arbitrary code.; tags | advisory, arbitrary, info disclosure; systems | linux, ubuntu; advisories | CVE-2023-0950, CVE-2023-2255; SHA-256 | 37dcbd392a52b90efbebd568b820d59b5bc9cea60ef156e11a7091896e446143; Download | Favorite | View

Debian Security Advisory 5415-1: Posted May 29, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5415-1 - Two security issues were discovered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowledged loading of linked documents within a floating frame.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2023-0950, CVE-2023-2255; SHA-256 | b27b03556ced9e9e09210b77f8b2ed4a4c103405a522b1cd9b043b091bc1cada; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 132 files
Ubuntu 84 files
indoushka 33 files
Debian 26 files
Gentoo 17 files
nu11secur1ty 15 files
Apple 13 files
LiquidWorm 9 files
Google Security Research 7 files
jheysel-r7 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (375)
CentOS (57)
Cisco (1,925)
Debian (6,851)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,339)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (46,852)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,926)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,949)
UNIX (9,319)
UnixWare (186)
Windows (6,590)
Other

CVE-2023-0950

Overview

Related Files

File Archive:

October 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems