Vulnerability CVE-2018-6871


Published: 2018-02-09

Description:
LibreOffice through 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

See advisories in our WLB2 database:
Topic
Author
Date
High
LibreOffice < 6.0.1 =WEBSERVICE Remote Arbitrary File Disclosure
jollheef
12.02.2018

 References:
https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

Copyright 2018, cxsecurity.com

 

Back to Top