PT-2018-2469 · Apache+5 · Apache Openoffice+6

Richard Davy

·

Published

2018-05-01

·

Updated

2024-06-15

·

CVE-2018-10583

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions LibreOffice versions prior to 6.0.3 Apache OpenOffice versions prior to 4.1.5
Description The issue is related to the automatic initiation of an SMB connection by LibreOffice and Apache OpenOffice. This can be exploited by a remote attacker using a specially crafted file, potentially allowing access to protected information. The vulnerability can be triggered by embedding an SMB connection in a malicious file, such as an xlink:href attribute within an office:document-content element in a .odt XML document, for example, xlink:href=file://192.168.0.2/test.jpg.
Recommendations For LibreOffice version 6.0.3 and earlier, update to a version that contains a fix for this issue. For Apache OpenOffice version 4.1.5 and earlier, update to a version that contains a fix for this issue. As a temporary workaround, consider disabling the automatic processing of SMB connections in LibreOffice and Apache OpenOffice until a patch is available.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2019-00712
CVE-2018-10583
ECHO-A8E4-9962-CA51
MGASA-2018-0271
OPENSUSE-SU-2018_2532-1
OPENSUSE-SU-2018_2533-1
OPENSUSE-SU-2018_3796-1
OPENSUSE-SU-2024:10983-1
RHSA-2018:3054
RHSA-2018_3054
SUSE-SU-2018:2485-1
SUSE-SU-2018:2485-2
SUSE-SU-2018:2535-1
SUSE-SU-2018:3683-1
SUSE-SU-2018_2485-1
SUSE-SU-2018_2485-2
SUSE-SU-2018_3683-1
USN-3883-1

Affected Products

Apache Openoffice
Debian
Libreoffice
Openoffice
Red Hat
Suse
Ubuntu