Strike ID:
E19-0yaw1
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2019

Description

This strike exploits a code execution vulnerability in LibreOffice. The vulnerability is due to unrestricted use of document event function to trigger LibreLogo to execute python contained within a document. An attacker could entice the victim to open the crafted odt file. Successful exploitation could lead to code execution on the victims Machine.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}