LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory.

  - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305)

  - libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing     the Master Password (CVE-2022-26306)

  - libreoffice: Weak Master Keys (CVE-2022-26307)

  - libreoffice: Macro URL arbitrary script execution (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0089 advisory.

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0304 advisory.

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3368 advisory.

  - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual     aids that no alteration of the document occurred since the last signing and that the signature is valid.
    An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally     signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the     document to contain both X509Data and KeyValue children of the KeyInfo tag, which when opened caused     LibreOffice to verify using the KeyValue but to report verification with the unrelated X509Data value.
    This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5. (CVE-2021-25636)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0304 advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0304 advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0304 advisory.

  - libreoffice: Macro URL arbitrary script execution (CVE-2022-3140)

  - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305)

  - libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing     the Master Password (CVE-2022-26306)

  - libreoffice: Weak Master Keys (CVE-2022-26307)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0089 advisory.

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0089 advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0089 advisory.

  - libreoffice: Macro URL arbitrary script execution (CVE-2022-3140)

  - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305)

  - libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing     the Master Password (CVE-2022-26306)

  - libreoffice: Weak Master Keys (CVE-2022-26307)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-775c747e4a advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202212-04 (LibreOffice: Arbitrary Code Execution)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5694-1 advisory.

  - If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On     restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the     recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF     file format, then affected versions of LibreOffice default that subsequent saves of the document are     unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while     believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4     series versions prior to 6.4.3. (CVE-2020-12801)

  - ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form     data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF     implements the XForms W3C standard, which allows data to be submitted without the need for macros or other     active scripting Prior to version 6.4.4 LibreOffice allowed forms to be submitted to any URI, including     file: URIs, enabling form submissions to overwrite local files. User-interaction is required to submit the     form, but to avoid the possibility of malicious documents engineered to maximize the possibility of     inadvertent user submission this feature has now been limited to http[s] URIs, removing the possibility to     overwrite local files. This issue affects: The Document Foundation LibreOffice versions prior to 6.4.4.
    (CVE-2020-12803)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where the required initialization vector for encryption was always the same which weakens the     security of the encryption making them vulnerable if an attacker has access to the user's configuration     data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.1. (CVE-2022-26306)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3650-1 advisory.

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3602-1 advisory.

  - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was     signed by a trusted author was done by only matching the serial number and issuer string of the used     certificate with that of a trusted certificate. This is not sufficient to verify that the macro was     actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a     serial number and an issuer string identical to a trusted certificate which LibreOffice would present as     belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in     macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to     7.2.7; 7.3 versions prior to 7.3.1. (CVE-2022-26305)

  - LibreOffice supports the storage of passwords for web connections in the user's configuration database.
    The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice     existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making     the stored passwords vulerable to a brute force attack if an attacker has access to the users stored     config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions     prior to 7.3.3. (CVE-2022-26307)

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5252 advisory.

  - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint     server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected     versions of LibreOffice links using that scheme could be constructed to call internal macros with     arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary     script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions     prior to 7.4.1; 7.3 versions prior to 7.3.6. (CVE-2022-3140)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
190177	CentOS 8 : libreoffice (CESA-2023:0089)	Nessus	CentOS Local Security Checks	high
184844	Rocky Linux 8 : libreoffice (RLSA-2023:0089)	Nessus	Rocky Linux Local Security Checks	high
184528	Rocky Linux 9 : libreoffice (RLSA-2023:0304)	Nessus	Rocky Linux Local Security Checks	high
173416	Debian DLA-3368-1 : libreoffice - LTS security update	Nessus	Debian Local Security Checks	high
170575	AlmaLinux 9 : libreoffice (ALSA-2023:0304)	Nessus	Alma Linux Local Security Checks	high
170516	Oracle Linux 9 : libreoffice (ELSA-2023-0304)	Nessus	Oracle Linux Local Security Checks	high
170427	RHEL 9 : libreoffice (RHSA-2023:0304)	Nessus	Red Hat Local Security Checks	high
170117	Oracle Linux 8 : libreoffice (ELSA-2023-0089)	Nessus	Oracle Linux Local Security Checks	high
170049	AlmaLinux 8 : libreoffice (ALSA-2023:0089)	Nessus	Alma Linux Local Security Checks	high
169961	RHEL 8 : libreoffice (RHSA-2023:0089)	Nessus	Red Hat Local Security Checks	high
169041	Fedora 35 : 1:libreoffice (2022-775c747e4a)	Nessus	Fedora Local Security Checks	medium
168910	GLSA-202212-04 : LibreOffice: Arbitrary Code Execution	Nessus	Gentoo Local Security Checks	medium
166339	Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : LibreOffice vulnerabilities (USN-5694-1)	Nessus	Ubuntu Local Security Checks	high
166246	SUSE SLED15 / SLES15 Security Update : libreoffice (SUSE-SU-2022:3650-1)	Nessus	SuSE Local Security Checks	high
166186	SUSE SLED12 / SLES12 Security Update : libreoffice (SUSE-SU-2022:3602-1)	Nessus	SuSE Local Security Checks	high
166093	Debian DSA-5252-1 : libreoffice - security update	Nessus	Debian Local Security Checks	medium

Detections

Analytics

CVE-2022-3140

medium

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

medium

medium

high

high

high

medium