CVE-2019-9851

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers, e.g. mouse over. However LibreOffice also has a separate feature where documents can specify that pre-installed scripts can be executed on various global script events such as document-open, etc. In the fixed versions, global script event handlers are validated equivalently to document script event handlers. This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.

References

Affected packages

Git / github.com/libreoffice/core

Affected ranges

Type

GIT

Repo

https://github.com/libreoffice/core

Events

Introduced

Fixed

7c4bdddf82580ab62e442ff6497af92e69fddd5e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.2.6"
        }
    ]
}

Affected versions

CODE-4.*

CODE-4.2.0-1

CODE-4.2.0-2

CODE-4.2.0-3

CODE-4.2.0-4

CP-Android-iOS-4.*

CP-Android-iOS-4.2.0

Other

MELD_LIBREOFFICE_REPOS

libreoffice-3-5-branch-point

libreoffice-3-6-branch-point

libreoffice-4-0-branch-point

libreoffice-4-1-branch-point

libreoffice-4-2-branch-point

libreoffice-4-2-milestone-1

libreoffice-4-3-branch-point

libreoffice-4-4-branch-point

libreoffice-5-0-branch-point

libreoffice-5-1-branch-point

libreoffice-5-2-branch-point

libreoffice-5-3-branch-point

libreoffice-5-4-branch-point

libreoffice-6-0-branch-point

libreoffice-6-1-branch-point

libreoffice-6-2-branch-point

windows_build_successful_2011_11_08

co-6.*

co-6.2-1

co-6.2-2

cp-6.*

cp-6.2-3

cp-6.2-4

cp-6.2-5

cp-6.2-branch-point

gpg4libre-review-5.*

gpg4libre-review-5.4.99

libreoffice-3.*

libreoffice-3.5.0.0

sdremote-2.*

sdremote-2.0.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9851.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "19.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "29"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.1"
            }
        ]
    }
]