Jollheef

**Name of the Vulnerable Software and Affected Versions** LibreOffice versions prior to 5.4.5 LibreOffice versions 6.x prior to 6.0.1 **Description** The issue is related to the COM.MICROSOFT.WEBSERVICE function in LibreOffice, which allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document. This is due to inadequate management of registration data. An attacker can exploit this issue by sending a specially crafted request to gain access to protected information. **Recommendations** For versions prior to 5.4.5, update to version 5.4.5 or later. For versions 6.x prior to 6.0.1, update to version 6.0.1 or later. As a temporary workaround, consider disabling the `COM.MICROSOFT.WEBSERVICE` function until a patch is available.