VDB
CVE-2023-2255
CVE-2023-2255
PUBLISHED
Es existiert eine Schwachstelle in LibreOffice. Der Fehler besteht aufgrund einer unsachgemäßen Zugriffskontrolle in Editor-Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er ein Dokument erstellt, das dazu führt, dass externe Links ohne Eingabeaufforderung geladen werden. Dadurch kann er Sicherheitsmaßnahmen umgehen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 43.55% · 97.6th percentile
Risk Scores
EPSS Score
43.55%
97.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE Linux | |
| Debian | Debian Linux | |
| Oracle | Oracle Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source LibreOffice <7.5.2 | |
| Open Source | Open Source LibreOffice <7.4.6 | |
| Gentoo | Gentoo Linux | |
| Ubuntu | Ubuntu Linux |
Exploit Intelligence
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- SaintMichae64/CVE-2023-2255 (github-poc-repo)
- CVE-2023-2255 for LPE (github-poc-repo)
…and 67 more exploits
Timeline
- May 25, 2023 CVE Published
- May 26, 2023 EPSS Score
- Aug 6, 2023 EPSS Score
- Oct 18, 2023 EPSS Score
- Nov 23, 2023 EPSS Score
- Feb 3, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- Jun 27, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Sep 8, 2024 EPSS Score
- Oct 14, 2024 EPSS Score
- Dec 26, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1307.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1307 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-January/017614.html advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2023-0950/ advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2023-2255/ advisory
- https://www.debian.org/security/2023/dsa-5415 advisory
- https://ubuntu.com/security/notices/USN-6144-1 advisory
- https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html advisory
- https://access.redhat.com/errata/RHSA-2023:6508 advisory
- https://access.redhat.com/errata/RHSA-2023:6933 advisory
- https://security.gentoo.org/glsa/202311-15 advisory
- https://linux.oracle.com/errata/ELSA-2024-3304.html advisory
- https://linux.oracle.com/errata/ELSA-2024-3835.html advisory