Alex Inführ

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 6.9.11-40 and earlier, 7.x versions prior to 7.0.10-40 **Description** The issue is related to the -authenticate option in ImageMagick, which is used for setting passwords for password-protected PDF files. The user-controlled password is not properly escaped or sanitized, allowing an attacker to inject additional shell commands via coders/pdf.c. This could lead to unauthorized access to confidential data, disruption of data integrity, and denial of service. **Recommendations** For ImageMagick versions 6.9.11-40 and earlier: update to version 6.9.11-40 or later. For 7.x versions prior to 7.0.10-40: update to version 7.0.10-40 or later. As a temporary workaround, consider disabling the use of the -authenticate option until a patch is available. Restrict access to the coders/pdf.c module to minimize the risk of exploitation. Avoid using user-controlled passwords with the -authenticate option until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** LibreOffice versions prior to 6.0.7 LibreOffice versions prior to 6.1.3 **Description** The issue is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code using a specially crafted document. It was also found that LibreOffice is vulnerable to a directory traversal attack, which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document to execute a Python method from a script in any arbitrary file system location. A directory traversal vulnerability in LibreOffice allows remote attackers to execute code via a specially crafted ODT file. **Recommendations** For versions prior to 6.0.7, update to version 6.0.7 or later to resolve the issue. For versions prior to 6.1.3, update to version 6.1.3 or later to resolve the issue. As a temporary workaround, consider disabling the execution of macros from arbitrary file system locations to minimize the risk of exploitation. Avoid opening specially crafted ODT files from untrusted sources until the issue is resolved.