VDB
DEBIAN-CVE-2018-10583
DEBIAN-CVE-2018-10583
PUBLISHED
CVSS 7.5 HIGH
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
Risk Scores
CVSS v3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | libreoffice | 7.6.4, 7.5.0, 24.2.0-1 |
| Debian:14 | libreoffice | 25.8.3-1, 25.8.3-1, 25.8.3-1 |
| Debian:12 | libreoffice | 4:25.2.1-1, 4:25.2.1-2, 4:25.2.1-3 |
| Debian:13 | libreoffice | 25.2.3-2, 25.2.3-2, 25.2.3-2 |
Timeline
- May 1, 2018 CVE Published
- Apr 28, 2026 CVE Updated