Exploit Report

Computer Security And Bug Information

CVE-2023-0950

CVECVE-2023-0950
CVE Title
Published Date2023-05-25T20:15Z
Modified Date2023-06-01T17:29Z
CWE TypeCWE-129
CVSS 3.xCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
DescriptionImproper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950
Reference DescriptionMISC https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950
Reference URLhttps://www.debian.org/security/2023/dsa-5415
Reference DescriptionDEBIAN DSA-5415
TagsVendor Advisory
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles