CVE-2018-6871

Published: Feb 9, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

44022

exploit

x_refsource_EXPLOIT-DB

USN-3579-1

vendor-advisory

x_refsource_UBUNTU

https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

x_refsource_MISC

RHSA-2018:0517

vendor-advisory

x_refsource_REDHAT

https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-5-4-5&id=a916fc0c0e0e8b10cb4158fa0fa173fe205d434a

x_refsource_CONFIRM

RHSA-2018:0418

vendor-advisory

x_refsource_REDHAT

https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/

x_refsource_CONFIRM

DSA-4111

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-6871

Description

Affected Products

References