Bug 1146098 - (CVE-2019-9850) VUL-0: CVE-2019-9850: libreoffice: Insufficient url validation allowing LibreLogo script execution
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Assigned To: Security Team bot
URL: https://smash.suse.de/issue/240266/
Whiteboard: CVSSv3:SUSE:CVE-2019-9850:5.9:(AV:L/A...
Reported: 2019-08-19 08:32 UTC by Alexandros Toptsoglou
Modified: 2020-02-05 07:48 UTC (History)

Found By: Security Response Team
Description Alexandros Toptsoglou 2019-08-19 08:32:34 UTC
CVE-2019-9850

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector
graphics script, which can execute arbitrary python commands contained within the
document it is launched from. LibreOffice also has a feature where documents can
specify that pre-installed scripts can be executed on various document script
events such as mouse-over, etc. Protection was added, to address CVE-2019-9848,
to block calling LibreLogo from script event handlers. However an insufficient
url validation vulnerability in LibreOffice allowed malicious documents to bypass
that protection and again trigger calling LibreLogo from script event handlers.
This issue affects: Document Foundation LibreOffice versions prior to 6.2.6.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9850
http://www.debian.org/security/2019/dsa-4501
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9850.html
http://www.cvedetails.com/cve/CVE-2019-9850/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850
https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850
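The description above explains the attack surface (a document script event handler such as mouse-over whose target URL points at the pre-installed LibreLogo script) but not the bypass itself, so the following is a defensive detector rather than a reproduction. It is an added example written for this page, not LibreOffice code and not part of the SUSE report. It assumes the standard ODF layout, which the bug does not spell out: handlers are `<script:event-listener>` elements inside `<office:event-listeners>` in content.xml or styles.xml, and pre-installed scripts are addressed by `vnd.sun.star.script:` URLs; the LibreLogo href used in the sample document is constructed for the test. Because the original protection was a URL check that turned out to be too narrow, the detector normalises the href (repeated percent-decoding, case folding) before matching instead of comparing literal strings.

```python
"""Scan ODF documents for script event handlers that point at LibreLogo.

Added example for this bug page; it is not LibreOffice code and not part of
the SUSE report. Assumptions (not stated on the page): the standard ODF layout,
where a handler is a <script:event-listener> inside <office:event-listeners>
in content.xml or styles.xml, and where pre-installed scripts are addressed
by vnd.sun.star.script: URLs.
"""
import io
import sys
import urllib.parse
import xml.etree.ElementTree as ET
import zipfile
from xml.sax.saxutils import escape

NS = {
    "office": "urn:oasis:names:tc:opendocument:xmlns:office:1.0",
    "text": "urn:oasis:names:tc:opendocument:xmlns:text:1.0",
    "script": "urn:oasis:names:tc:opendocument:xmlns:script:1.0",
    "xlink": "http://www.w3.org/1999/xlink",
}
ODF_PARTS = ("content.xml", "styles.xml")


def canonical(href: str) -> str:
    """Percent-decode until stable, then lower-case.

    The bug is about a filter defeated by a URL it did not recognise, so the
    detector matches on a normalised form instead of the literal string:
    'Libre%4cogo', 'Libre%254cogo' and 'LIBRELOGO' all become 'librelogo'.
    """
    cur, prev = href, None
    while cur != prev:
        prev, cur = cur, urllib.parse.unquote(cur)
    return cur.lower()


def script_events(xml_bytes: bytes):
    """Yield (event-name, href) for every script event listener in one part."""
    root = ET.fromstring(xml_bytes)
    for el in root.iter("{%s}event-listener" % NS["script"]):
        yield (el.get("{%s}event-name" % NS["script"], ""),
               el.get("{%s}href" % NS["xlink"], ""))


def scan_odf(data: bytes):
    """Return [(part, event, href)] for handlers whose target is LibreLogo."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        for part in ODF_PARTS:
            if part not in names:
                continue
            for event, href in script_events(zf.read(part)):
                c = canonical(href)
                if c.startswith("vnd.sun.star.script:") and "librelogo" in c:
                    hits.append((part, event, href))
    return hits


def build_sample_odt(href: str) -> bytes:
    """Constructed test input: a minimal .odt with one hyperlink whose
    mouse-over event runs the script at `href`. Not a real-world sample."""
    content = (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        '<office:document-content xmlns:office="%(office)s" xmlns:text="%(text)s"'
        ' xmlns:script="%(script)s" xmlns:xlink="%(xlink)s">\n'
        ' <office:body><office:text><text:p>\n'
        '  <text:a xlink:type="simple" xlink:href="http://example.invalid/">\n'
        '   <office:event-listeners>\n'
        '    <script:event-listener script:event-name="dom:mouseover"'
        ' script:language="ooo:script" xlink:type="simple" xlink:href="%(href)s"/>\n'
        '   </office:event-listeners>hover me</text:a>\n'
        ' </text:p></office:text></office:body>\n'
        '</office:document-content>\n'
    ) % dict(NS, href=escape(href, {'"': "&quot;"}))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.text",
                    compress_type=zipfile.ZIP_STORED)
        zf.writestr("content.xml", content, compress_type=zipfile.ZIP_DEFLATED)
    return buf.getvalue()


if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                for hit in scan_odf(fh.read()):
                    print(path, *hit)
    else:
        sample = build_sample_odt(
            "vnd.sun.star.script:LibreLogo.LibreLogo.run?language=Python&location=share")
        print(scan_odf(sample))
```

Run it with one or more `.odt`/`.ods` paths to list every LibreLogo-bound handler, or with no arguments to scan the constructed sample. A hit means the document wires a script event to LibreLogo, which is the pattern the CVE-2019-9848 protection was meant to block; whether the host is actually exposed depends on the installed package version, for which the fixed builds are the ones listed in the update notices further down this page.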
Comment 1 Alexandros Toptsoglou 2019-08-19 08:33:37 UTC
Versions prior to 6.2.6 are affected. Based on this, all codestreams are affected.
Comment 2 Tomáš Chvátal 2019-08-19 08:44:56 UTC
Added the CVE to the TW changelog.
Comment 3 Swamp Workflow Management 2019-08-19 09:50:09 UTC
This is an autogenerated message for OBS integration:
This bug (1146098) was mentioned in
https://build.opensuse.org/request/show/724527 Factory / libreoffice
Comment 5 Tomáš Chvátal 2019-08-19 11:56:17 UTC
Submissions were done.
Comment 7 Swamp Workflow Management 2019-08-28 13:14:43 UTC
SUSE-SU-2019:2231-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133534,1141861,1141862,1146098,1146105,1146107
CVE References: CVE-2019-9848,CVE-2019-9849,CVE-2019-9850,CVE-2019-9851,CVE-2019-9852
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    libreoffice-6.2.6.2-3.21.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2019-09-02 22:11:36 UTC
openSUSE-SU-2019:2057-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133534,1141861,1141862,1146098,1146105,1146107
CVE References: CVE-2019-9848,CVE-2019-9849,CVE-2019-9850,CVE-2019-9851,CVE-2019-9852
Sources used:
openSUSE Leap 15.0 (src):    libreoffice-6.2.6.2-lp150.2.16.1
Comment 10 Swamp Workflow Management 2019-09-18 16:12:56 UTC
SUSE-SU-2019:2401-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1133534,1141861,1141862,1146098,1146105,1146107,1149943,1149944
CVE References: CVE-2019-9848,CVE-2019-9849,CVE-2019-9850,CVE-2019-9851,CVE-2019-9852,CVE-2019-9854,CVE-2019-9855
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    libreoffice-6.2.7.1-43.56.3
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    libreoffice-6.2.7.1-43.56.3
SUSE Linux Enterprise Desktop 12-SP4 (src):    libreoffice-6.2.7.1-43.56.3

Comment 11 Swamp Workflow Management 2019-09-18 16:15:15 UTC
SUSE-SU-2019:2402-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1133534,1141861,1141862,1146098,1146105,1146107,1149943,1149944
CVE References: CVE-2019-9848,CVE-2019-9849,CVE-2019-9850,CVE-2019-9851,CVE-2019-9852,CVE-2019-9854,CVE-2019-9855
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    libreoffice-6.2.7.1-8.10.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    libreoffice-6.2.7.1-8.10.1

Comment 12 Swamp Workflow Management 2019-09-25 10:11:10 UTC
openSUSE-SU-2019:2183-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1133534,1141861,1141862,1146098,1146105,1146107,1149943,1149944
CVE References: CVE-2019-9848,CVE-2019-9849,CVE-2019-9850,CVE-2019-9851,CVE-2019-9852,CVE-2019-9854,CVE-2019-9855
Sources used:
openSUSE Leap 15.1 (src):    libreoffice-6.2.7.1-lp151.3.6.1
Comment 13 Marcus Meissner 2020-02-05 07:48:16 UTC
done