{"id":"MGASA-2018-0271","summary":"Updated libreoffice packages fix security vulnerabilities","details":"The updated packages fix security vulnerabilities:\n\nLibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read \narbitrary files via =WEBSERVICE calls in a document, which use the \nCOM.MICROSOFT.WEBSERVICE function. (CVE-2018-6871)\n\nsot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before \n6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which \nallows remote attackers to cause a denial of service (use-after-free with write \naccess) or possibly have unspecified other impact via a crafted document that \nuses the structured storage ole2 wrapper file format. (CVE-2018-10119)\n\nThe SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in \nLibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a \ncustomizations index, which allows remote attackers to cause a denial of service \n(heap-based buffer overflow with write access) or possibly have unspecified \nother impact via a crafted document that contains a certain Microsoft Word \nrecord. (CVE-2018-10120)\n\nAn information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache \nOpenOffice Writer 4.1.5 automatically process and initiate an SMB connection \nembedded in a malicious file, as demonstrated by \nxlink:href=file://192.168.0.2/test.jpg within an office:document-content element \nin a .odt XML document. (CVE-2018-10583)\n","modified":"2026-04-16T06:22:46.888229709Z","published":"2018-06-05T21:42:18Z","upstream":["CVE-2018-10119","CVE-2018-10120","CVE-2018-10583","CVE-2018-6871"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0271.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22579"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2018-10583/"},{"type":"WEB","url":"https://www.debian.org/security/2018/dsa-4111"},{"type":"WEB","url":"https://www.debian.org/security/2018/dsa-4178"}],"affected":[{"package":{"name":"libreoffice","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/libreoffice?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.7.2-3.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0271.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}