Multiple vulnerabilities in LibreOffice
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-12426 CVE-2024-12425 |
| CWE-ID | CWE-200 CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
LibreOffice Client/Desktop applications / Office applications |
| Vendor | LibreOffice |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU102417
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12426
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to application allows to dynamically create links to external websites using information from environmental variables or INI file values. A remote attacker can trick the victim into opening a specially crafted documents and then clicking on the link in that document to gain access to potentially sensitive information.
Install updates from vendor's website.
Vulnerable software versionsLibreOffice: 24.8.0.1 - 24.8.3.2
CPE2.3- cpe:2.3:a:libreoffice:libreoffice:24.8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.3.2:*:*:*:*:*:*:*
https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU102416
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-12425
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when processing documents with embedded .ttf font files. A remote attacker can create a specially crafted document, trick the victim into opening and and overwrite arbitrary files on the system, leading to remote code execution.
Install update from vendor's website.
Vulnerable software versionsLibreOffice: 24.8.0.1 - 24.8.3.2
CPE2.3- cpe:2.3:a:libreoffice:libreoffice:24.8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:24.8.3.2:*:*:*:*:*:*:*
https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
