cnvd - cnvd-2017-02344

cnvd-2017-02344

Vulnerability from cnvd

Title: LibreOffice信息泄露漏洞

Description:

LibreOffice是开源的办公软件套件。该套件包含文本文档、电子表格、演示文稿、绘图、数据库等软件，由文档基金会（The Document Foundation，TDF）开发。

LibreOffice Calc和Writer存在安全漏洞。由于程序处理链接时使用OpenDocument Format文件和模板中存储的LinkUpdateMode配置信息。远程攻击者可通过向Calc或Writer中插入数据的文档利用该漏洞获取敏感信息。

Severity: 高

Patch Name: LibreOffice信息泄露漏洞的补丁

Patch Description:

LibreOffice是开源的办公软件套件。该套件包含文本文档、电子表格、演示文稿、绘图、数据库等软件，由文档基金会（The Document Foundation，TDF）开发。

LibreOffice Calc和Writer存在安全漏洞。由于程序处理链接时使用OpenDocument Format文件和模板中存储的LinkUpdateMode配置信息。远程攻击者可通过向Calc或Writer中插入数据的文档利用该漏洞获取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/

Reference: http://securitytracker.com/id/1037893

Impacted products

Name
['LibreOffice LibreOffice <5.1.6', 'LibreOffice LibreOffice <5.2.5', 'LibreOffice LibreOffice <5.3.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-3157",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157"
    }
  },
  "description": "LibreOffice\u662f\u5f00\u6e90\u7684\u529e\u516c\u8f6f\u4ef6\u5957\u4ef6\u3002\u8be5\u5957\u4ef6\u5305\u542b\u6587\u672c\u6587\u6863\u3001\u7535\u5b50\u8868\u683c\u3001\u6f14\u793a\u6587\u7a3f\u3001\u7ed8\u56fe\u3001\u6570\u636e\u5e93\u7b49\u8f6f\u4ef6\uff0c\u7531\u6587\u6863\u57fa\u91d1\u4f1a\uff08The Document Foundation\uff0cTDF\uff09\u5f00\u53d1\u3002\r\n\r\nLibreOffice Calc\u548cWriter\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u5904\u7406\u94fe\u63a5\u65f6\u4f7f\u7528OpenDocument Format\u6587\u4ef6\u548c\u6a21\u677f\u4e2d\u5b58\u50a8\u7684LinkUpdateMode\u914d\u7f6e\u4fe1\u606f\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411Calc\u6216Writer\u4e2d\u63d2\u5165\u6570\u636e\u7684\u6587\u6863\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-02344",
  "openTime": "2017-03-03",
  "patchDescription": "LibreOffice\u662f\u5f00\u6e90\u7684\u529e\u516c\u8f6f\u4ef6\u5957\u4ef6\u3002\u8be5\u5957\u4ef6\u5305\u542b\u6587\u672c\u6587\u6863\u3001\u7535\u5b50\u8868\u683c\u3001\u6f14\u793a\u6587\u7a3f\u3001\u7ed8\u56fe\u3001\u6570\u636e\u5e93\u7b49\u8f6f\u4ef6\uff0c\u7531\u6587\u6863\u57fa\u91d1\u4f1a\uff08The Document Foundation\uff0cTDF\uff09\u5f00\u53d1\u3002\r\n\r\nLibreOffice Calc\u548cWriter\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u5904\u7406\u94fe\u63a5\u65f6\u4f7f\u7528OpenDocument Format\u6587\u4ef6\u548c\u6a21\u677f\u4e2d\u5b58\u50a8\u7684LinkUpdateMode\u914d\u7f6e\u4fe1\u606f\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411Calc\u6216Writer\u4e2d\u63d2\u5165\u6570\u636e\u7684\u6587\u6863\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "LibreOffice\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "LibreOffice LibreOffice \u003c5.1.6",
      "LibreOffice LibreOffice  \u003c5.2.5",
      "LibreOffice LibreOffice  \u003c5.3.0"
    ]
  },
  "referenceLink": "http://securitytracker.com/id/1037893",
  "serverity": "\u9ad8",
  "submitTime": "2017-02-24",
  "title": "LibreOffice\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2017-3157 (GCVE-0-2017-3157)

Vulnerability from cvelistv5

Published

2017-11-20 20:00

Modified

2024-09-16 20:16

Severity ?

CWE

Information Disclosure

Summary

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:0914	vendor-advisory, x_refsource_REDHAT
	https://www.debian.org/security/2017/dsa-3792	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1037893	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/96402	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:0979	vendor-advisory, x_refsource_REDHAT
	https://www.openoffice.org/security/cves/CVE-2017-3157.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache OpenOffice	Version: 4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:16:28.361Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:0914",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0914"
          },
          {
            "name": "DSA-3792",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-3792"
          },
          {
            "name": "1037893",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037893"
          },
          {
            "name": "96402",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96402"
          },
          {
            "name": "RHSA-2017:0979",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0979"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache OpenOffice",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
            }
          ]
        }
      ],
      "datePublic": "2017-11-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user\u0027s filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "RHSA-2017:0914",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0914"
        },
        {
          "name": "DSA-3792",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-3792"
        },
        {
          "name": "1037893",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037893"
        },
        {
          "name": "96402",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96402"
        },
        {
          "name": "RHSA-2017:0979",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0979"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2017-11-19T00:00:00",
          "ID": "CVE-2017-3157",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache OpenOffice",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user\u0027s filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2017:0914",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:0914"
            },
            {
              "name": "DSA-3792",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-3792"
            },
            {
              "name": "1037893",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037893"
            },
            {
              "name": "96402",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96402"
            },
            {
              "name": "RHSA-2017:0979",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:0979"
            },
            {
              "name": "https://www.openoffice.org/security/cves/CVE-2017-3157.html",
              "refsource": "CONFIRM",
              "url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2017-3157",
    "datePublished": "2017-11-20T20:00:00Z",
    "dateReserved": "2016-12-05T00:00:00",
    "dateUpdated": "2024-09-16T20:16:57.330Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted