CVE-2021-25631
Published: 3 May 2021
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.
Notes
Author | Note |
---|---|
mdeslaur | This is a Windows-specific CVE |
Priority
Status
Package | Release | Status |
---|---|---|
libreoffice (Launchpad, Ubuntu, Debian) | bionic | Not vulnerable (windows-only) |
libreoffice | focal | Not vulnerable (windows-only) |
libreoffice | groovy | Ignored (end of life) |
libreoffice | hirsute | Not vulnerable (windows-only) |
libreoffice | impish | Not vulnerable (windows-only) |
libreoffice | jammy | Not vulnerable (windows-only) |
libreoffice | trusty | Does not exist |
libreoffice | upstream | Not vulnerable (debian: Libreoffice on Windows) |
libreoffice | xenial | Ignored (end of standard support, was needs-triage) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |