VDB
MGASA-2018-0271
MGASA-2018-0271
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Updated libreoffice packages fix security vulnerabilities
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia:6 | libreoffice | 0, 0 |
Exploit Intelligence
- Updated python3 exploit for CVE-2018-10583 (LibreOffice/Open Office - '.odt' Information Disclosure ) (github-poc-repo)
- Updated python3 exploit for CVE-2018-10583 (LibreOffice/Open Office - '.odt' Information Disclosure ) (github-poc)
- An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by "xlink:href=file://192.168.0.2/test.jpg" within an "office:document-content" element in a ".odt XML document". (github-poc)
Timeline
- Jun 5, 2018 CVE Published
- Apr 16, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://advisories.mageia.org/MGASA-2018-0271.html advisory
- https://bugs.mageia.org/show_bug.cgi?id=22579 report
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/ advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/ advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/ advisory
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10583/ advisory
- https://www.debian.org/security/2018/dsa-4111 advisory
- https://www.debian.org/security/2018/dsa-4178 advisory