Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-0950

Published: 25/05/2023 Updated: 26/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Libreoffice

Vulnerability Summary

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an malicious user to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions before 7.4.6; 7.5 versions before 7.5.1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

libreoffice libreoffice

debian debian linux 10.0

Vendor Advisories

Red Hat: Moderate: libreoffice security update
Synopsis Moderate: libreoffice security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for libreoffice is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
Debian Security Advisories: DSA-5415-1 libreoffice -- security update
Two security issues were discocvered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowlegded loading of linked documents within a floating frame For the stable distribution (bullseye), these problems have been fixed in version 1:704-4+deb11u7 We recommend ...
Red Hat:
Description<!---->A vulnerability was found in LibreOffice Improper validation of the array index in the spreadsheet component of The Document Foundation in LibreOffice allows an attacker to craft a spreadsheet document that causes an array index underflow when loaded In affected versions of LibreOffice, certain malformed spreadsheet formulas, su ...

References

CWE-129https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950https://www.debian.org/security/2023/dsa-5415https://lists.debian.org/debian-lts-announce/2023/08/msg00014.htmlhttps://security.gentoo.org/glsa/202311-15https://access.redhat.com/errata/RHSA-2023:6508https://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5415
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook