certfr_avis - certfr-2023-avi-0477

CERTFR-2023-AVI-0477

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans LibreOffice. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Libreoffice	LibreOffice	LibreOffice versions 7.4.x antérieures à 7.4.6
	Libreoffice	LibreOffice	LibreOffice versions 7.5.x antérieures à 7.5.1

References

Title

Publication Time

CVE-2023-1183 (GCVE-0-2023-1183)

Vulnerability from cvelistv5 – Published: 2023-07-10 15:04 – Updated: 2025-02-13 16:39

Summary

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

Severity ?

5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-20 - Improper Input Validation

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2023-1183	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2208506	issue-trackingx_refsource_REDHAT
	https://www.libreoffice.org/about-us/security/adv…
	http://www.openwall.com/lists/oss-security/2023/12/28/4
	http://www.openwall.com/lists/oss-security/2024/01/03/4

Impacted products

Vendor

Product

Version

n/a

libreoffice

Unaffected: 7.4.6
Unaffected: 7.5.1

Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Fedora	Fedora

Credits

Red Hat would like to thank Gregor Kopf (Secfault Security GmbH) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:40:58.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-1183"
          },
          {
            "name": "RHBZ#2208506",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libreoffice",
          "vendor": "n/a",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.4.6"
            },
            {
              "status": "unaffected",
              "version": "7.5.1"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libreoffice",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libreoffice",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libreoffice",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libreoffice",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://packages.fedoraproject.org/",
          "defaultStatus": "affected",
          "packageName": "libreoffice",
          "product": "Fedora",
          "vendor": "Fedora"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Gregor Kopf (Secfault Security GmbH) for reporting this issue."
        }
      ],
      "datePublic": "2023-06-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Libreoffice package. An attacker can craft an odb containing a \"database/script\" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-03T12:06:19.907Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-1183"
        },
        {
          "name": "RHBZ#2208506",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208506"
        },
        {
          "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/12/28/4"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/01/03/4"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-19T00:00:00Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-06-19T00:00:00Z",
          "value": "Made public."
        }
      ],
      "title": "Arbitrary file write",
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1183",
    "datePublished": "2023-07-10T15:04:30.740Z",
    "dateReserved": "2023-03-06T04:37:10.705Z",
    "dateUpdated": "2025-02-13T16:39:16.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted