Back to search
CVE-2018-10583
Published: May 1, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://security-tracker.debian.org/tracker/CVE-2018-10583
x_refsource_CONFIRM
RHSA-2018:3054
vendor-advisory
x_refsource_REDHAT
USN-3883-1
vendor-advisory
x_refsource_UBUNTU
44564
exploit
x_refsource_EXPLOIT-DB
[openoffice-dev] 20190928 CVE-2018-10583
mailing-list
x_refsource_MLIST
[openoffice-dev] 20190929 Re: CVE-2018-10583
mailing-list
x_refsource_MLIST
[openoffice-dev] 20190930 Re: CVE-2018-10583
mailing-list
x_refsource_MLIST
20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now