CVE-2023-1183

Synopsis Moderate: libreoffice security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for libreoffice is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...

Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in script and log files Hsqldb supports a SCRIPT keyword which is normally used to record the commands input by the database admin to output such a script In combination with LibreOffice, an attacker cou ...

Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in script and log files Hsqldb supports a SCRIPT keyword which is normally used to record the commands input by the database admin to output such a script In combination with LibreOffice, an attacker cou ...

A flaw was found in the Libreoffice package An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker (CVE-2023-1183) ...

Description<!---->A flaw was found in the Libreoffice package An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attackerA flaw was found in the Libreoffice package An attacker can craft an odb containing a "data ...