SUSE: CVE-2023-2255: SUSE Linux Security Advisory

发布于3月6日3月6日

Members

SUSE: CVE-2023-2255: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

05/25/2023

Created

08/28/2023

Added

08/28/2023

Modified

01/28/2025

Description

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.

Solution(s)

suse-upgrade-atk-devel
suse-upgrade-atk-doc
suse-upgrade-atk-lang
suse-upgrade-dragonbox-devel
suse-upgrade-fixmath-devel
suse-upgrade-libatk-1_0-0
suse-upgrade-libatk-1_0-0-32bit
suse-upgrade-libmwaw-0_3-3
suse-upgrade-libmwaw-devel
suse-upgrade-libmwaw-devel-doc
suse-upgrade-libreoffice
suse-upgrade-libreoffice-base
suse-upgrade-libreoffice-base-drivers-postgresql
suse-upgrade-libreoffice-branding-upstream
suse-upgrade-libreoffice-calc
suse-upgrade-libreoffice-calc-extensions
suse-upgrade-libreoffice-draw
suse-upgrade-libreoffice-filters-optional
suse-upgrade-libreoffice-gdb-pretty-printers
suse-upgrade-libreoffice-glade
suse-upgrade-libreoffice-gnome
suse-upgrade-libreoffice-gtk3
suse-upgrade-libreoffice-icon-themes
suse-upgrade-libreoffice-impress
suse-upgrade-libreoffice-l10n-af
suse-upgrade-libreoffice-l10n-am
suse-upgrade-libreoffice-l10n-ar
suse-upgrade-libreoffice-l10n-as
suse-upgrade-libreoffice-l10n-ast
suse-upgrade-libreoffice-l10n-be
suse-upgrade-libreoffice-l10n-bg
suse-upgrade-libreoffice-l10n-bn
suse-upgrade-libreoffice-l10n-bn_in
suse-upgrade-libreoffice-l10n-bo
suse-upgrade-libreoffice-l10n-br
suse-upgrade-libreoffice-l10n-brx
suse-upgrade-libreoffice-l10n-bs
suse-upgrade-libreoffice-l10n-ca
suse-upgrade-libreoffice-l10n-ca_valencia
suse-upgrade-libreoffice-l10n-ckb
suse-upgrade-libreoffice-l10n-cs
suse-upgrade-libreoffice-l10n-cy
suse-upgrade-libreoffice-l10n-da
suse-upgrade-libreoffice-l10n-de
suse-upgrade-libreoffice-l10n-dgo
suse-upgrade-libreoffice-l10n-dsb
suse-upgrade-libreoffice-l10n-dz
suse-upgrade-libreoffice-l10n-el
suse-upgrade-libreoffice-l10n-en
suse-upgrade-libreoffice-l10n-en_gb
suse-upgrade-libreoffice-l10n-en_za
suse-upgrade-libreoffice-l10n-eo
suse-upgrade-libreoffice-l10n-es
suse-upgrade-libreoffice-l10n-et
suse-upgrade-libreoffice-l10n-eu
suse-upgrade-libreoffice-l10n-fa
suse-upgrade-libreoffice-l10n-fi
suse-upgrade-libreoffice-l10n-fr
suse-upgrade-libreoffice-l10n-fur
suse-upgrade-libreoffice-l10n-fy
suse-upgrade-libreoffice-l10n-ga
suse-upgrade-libreoffice-l10n-gd
suse-upgrade-libreoffice-l10n-gl
suse-upgrade-libreoffice-l10n-gu
suse-upgrade-libreoffice-l10n-gug
suse-upgrade-libreoffice-l10n-he
suse-upgrade-libreoffice-l10n-hi
suse-upgrade-libreoffice-l10n-hr
suse-upgrade-libreoffice-l10n-hsb
suse-upgrade-libreoffice-l10n-hu
suse-upgrade-libreoffice-l10n-id
suse-upgrade-libreoffice-l10n-is
suse-upgrade-libreoffice-l10n-it
suse-upgrade-libreoffice-l10n-ja
suse-upgrade-libreoffice-l10n-ka
suse-upgrade-libreoffice-l10n-kab
suse-upgrade-libreoffice-l10n-kk
suse-upgrade-libreoffice-l10n-km
suse-upgrade-libreoffice-l10n-kmr_latn
suse-upgrade-libreoffice-l10n-kn
suse-upgrade-libreoffice-l10n-ko
suse-upgrade-libreoffice-l10n-kok
suse-upgrade-libreoffice-l10n-ks
suse-upgrade-libreoffice-l10n-lb
suse-upgrade-libreoffice-l10n-lo
suse-upgrade-libreoffice-l10n-lt
suse-upgrade-libreoffice-l10n-lv
suse-upgrade-libreoffice-l10n-mai
suse-upgrade-libreoffice-l10n-mk
suse-upgrade-libreoffice-l10n-ml
suse-upgrade-libreoffice-l10n-mn
suse-upgrade-libreoffice-l10n-mni
suse-upgrade-libreoffice-l10n-mr
suse-upgrade-libreoffice-l10n-my
suse-upgrade-libreoffice-l10n-nb
suse-upgrade-libreoffice-l10n-ne
suse-upgrade-libreoffice-l10n-nl
suse-upgrade-libreoffice-l10n-nn
suse-upgrade-libreoffice-l10n-nr
suse-upgrade-libreoffice-l10n-nso
suse-upgrade-libreoffice-l10n-oc
suse-upgrade-libreoffice-l10n-om
suse-upgrade-libreoffice-l10n-or
suse-upgrade-libreoffice-l10n-pa
suse-upgrade-libreoffice-l10n-pl
suse-upgrade-libreoffice-l10n-pt_br
suse-upgrade-libreoffice-l10n-pt_pt
suse-upgrade-libreoffice-l10n-ro
suse-upgrade-libreoffice-l10n-ru
suse-upgrade-libreoffice-l10n-rw
suse-upgrade-libreoffice-l10n-sa_in
suse-upgrade-libreoffice-l10n-sat
suse-upgrade-libreoffice-l10n-sd
suse-upgrade-libreoffice-l10n-si
suse-upgrade-libreoffice-l10n-sid
suse-upgrade-libreoffice-l10n-sk
suse-upgrade-libreoffice-l10n-sl
suse-upgrade-libreoffice-l10n-sq
suse-upgrade-libreoffice-l10n-sr
suse-upgrade-libreoffice-l10n-ss
suse-upgrade-libreoffice-l10n-st
suse-upgrade-libreoffice-l10n-sv
suse-upgrade-libreoffice-l10n-sw_tz
suse-upgrade-libreoffice-l10n-szl
suse-upgrade-libreoffice-l10n-ta
suse-upgrade-libreoffice-l10n-te
suse-upgrade-libreoffice-l10n-tg
suse-upgrade-libreoffice-l10n-th
suse-upgrade-libreoffice-l10n-tn
suse-upgrade-libreoffice-l10n-tr
suse-upgrade-libreoffice-l10n-ts
suse-upgrade-libreoffice-l10n-tt
suse-upgrade-libreoffice-l10n-ug
suse-upgrade-libreoffice-l10n-uk
suse-upgrade-libreoffice-l10n-uz
suse-upgrade-libreoffice-l10n-ve
suse-upgrade-libreoffice-l10n-vec
suse-upgrade-libreoffice-l10n-vi
suse-upgrade-libreoffice-l10n-xh
suse-upgrade-libreoffice-l10n-zh_cn
suse-upgrade-libreoffice-l10n-zh_tw
suse-upgrade-libreoffice-l10n-zu
suse-upgrade-libreoffice-librelogo
suse-upgrade-libreoffice-mailmerge
suse-upgrade-libreoffice-math
suse-upgrade-libreoffice-officebean
suse-upgrade-libreoffice-pyuno
suse-upgrade-libreoffice-qt5
suse-upgrade-libreoffice-sdk
suse-upgrade-libreoffice-sdk-doc
suse-upgrade-libreoffice-writer
suse-upgrade-libreoffice-writer-extensions
suse-upgrade-libreofficekit
suse-upgrade-libreofficekit-devel
suse-upgrade-libxmlsec1-1
suse-upgrade-libxmlsec1-gcrypt1
suse-upgrade-libxmlsec1-gnutls1
suse-upgrade-libxmlsec1-nss1
suse-upgrade-libxmlsec1-openssl1
suse-upgrade-typelib-1_0-atk-1_0
suse-upgrade-xmlsec1
suse-upgrade-xmlsec1-devel
suse-upgrade-xmlsec1-gcrypt-devel
suse-upgrade-xmlsec1-gnutls-devel
suse-upgrade-xmlsec1-nss-devel
suse-upgrade-xmlsec1-openssl-devel

References

https://attackerkb.com/topics/cve-2023-2255
CVE - 2023-2255
DSA-5415

引用

Mention

登录

SUSE: CVE-2023-2255: SUSE Linux Security Advisory

recommended_posts

SUSE: CVE-2023-2255: SUSE Linux Security Advisory

Description

Solution(s)

References

参与讨论

欢迎来到红帽社区

社区动态

渗透测试信息搜集必备FOFA怎么使用？2025详细FOFA使用教程

現在學網絡安全還來得及嗎？想問一下大家

現在學網絡安全還來得及嗎？想問一下大家

現在學網絡安全還來得及嗎？想問一下大家

現在學網絡安全還來得及嗎？想問一下大家

帐户

导航

搜索