[MART] - Daily Diary #562 - LibreOffice Fixes 3 Vulnerabilities

CTAS-MAT ctas-mat at appgate.com
Thu Jul 28 20:40:03 UTC 2022 

Hello,

I hope everyone is doing well!

Below is the entry for today.

07/28/2022 - Diary entry #562:

LibreOffice is an open-source suite for word processing, spreadsheets, presentations, and more. Used by a great number of users as an alternative to Microsoft Office, LibreOffice is supplied by some Linux distributions such as Debian and Ubuntu.

Both the latest available version (7.3.5.2) and the latest stable version (7.2.7) have fixed three new vulnerabilities related to the execution of macros and password protection for web connections.

Tracked as CVE-2022-26305, the first one allows macro code to run on the device even if the certificate used to sign the macro doesn't match the entries in the configuration database. The second one, CVE-2022-26306, allows attackers with access to the user's configuration data to retrieve passwords for web connections without knowing the master password. And finally, the last one, CVE-2022-26307, is related to a problem with the encoding of the master key password that protects the web connections in the user's configuration database, allowing an attacker to brute force it and access the stored passwords.

The vulnerability CVE-2022-26305 is not exploitable if the macro security level is set to very high or if the user has no trusted certificates. However, we recommend to users update their LibreOffice to the latest version and be careful downloading documents from unknown sources.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220728/9c833da9/attachment.htm>

More information about the MART mailing list