CVE-2019-9854 (retired)

Priority
Description
LibreOffice has a feature where documents can specify that pre-installed
macros can be executed on various script events such as mouse-over,
document-open etc. Access is intended to be restricted to scripts under the
share/Scripts/python, user/Scripts/python sub-directories of the
LibreOffice install. Protection was added, to address CVE-2019-9852, to
avoid a directory traversal attack where scripts in arbitrary locations on
the file system could be executed by employing a URL encoding attack to
defeat the path verification step. However this protection could be
bypassed by taking advantage of a flaw in how LibreOffice assembled the
final script URL location directly from components of the passed in path as
opposed to solely from the sanitized output of the path verification step.
This issue affects: Document Foundation LibreOffice 6.2 versions prior to
6.2.7; 6.3 versions prior to 6.3.1.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1:5.1.6~rc2-0ubuntu1~xenial10)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:6.0.7-0ubuntu0.18.04.10)
Ubuntu 19.04 (Disco Dingo):released (1:6.2.7-0ubuntu0.19.04.1)
Ubuntu 19.10 (Eoan):released (1:6.3.0-0ubuntu1)
More Information

Updated: 2019-10-09 08:05:48 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)