Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an malicious user to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an malicious user to run arbitrary gstreamer plugins depending on what plugins are installed on the target system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libreoffice libreoffice |
||
fedoraproject fedora 38 |
||
debian debian linux 11.0 |
||
debian debian linux 12.0 |