Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4242 advisory.

    [6.4.7.2-17.0.1]
    - Replace colors with Oracle colors [Orabug: 32120093]
    - Build with --with-vendor='Oracle America, Inc.'
    - Added the --with-hamcrest option to configure.

    [6.4.7.2]
    - Remove Red Hat branding
    - Change vendor to RESF

    [1:6.4.7.2-17]
    - Fix CVE-2024-3044 add notify for script use

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2257-1 advisory.

    Libreoffice was updated to version 24.2.4.2:

    - Release notes:

      * https://wiki.documentfoundation.org/Releases/24.2.1/RC1
      * https://wiki.documentfoundation.org/Releases/24.2.1/RC2

    - Security issues fixed:

      * CVE-2024-3044: Fixed unchecked script execution in graphic on-click binding (bsc#1224279)

    - Other issues fixed:

      * Fixed LibreOffice build failures with ICU 75 (bsc#1224309)

    - Updated bundled dependencies:

      * curl version update from 8.6.0 to 8.7.1
      * gpgme version update from 1.20.0 to 1.23.2
      * libassuan version update from 2.5.6 to 2.5.7
      * libgpg-error version update from 1.47 to 1.48

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2258-1 advisory.

    Libreoffice was updated to version 24.2.4.2:

    - Release notes:

      * https://wiki.documentfoundation.org/Releases/24.2.1/RC1
      * https://wiki.documentfoundation.org/Releases/24.2.1/RC2

    - Security issues fixed:

      * CVE-2024-3044: Fixed unchecked script execution in graphic on-click binding (bsc#1224279)

    - Other issues fixed:

      * Fixed LibreOffice build failures with ICU 75 (bsc#1224309)

    - Updated bundled dependencies:

      * curl version update from 8.6.0 to 8.7.1
      * gpgme version update from 1.20.0 to 1.23.2
      * libassuan version update from 2.5.6 to 2.5.7
      * libgpg-error version update from 1.47 to 1.48

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4242 advisory.

    LibreOffice is an open source, community-developed office productivity suite. It includes key desktop     applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a     drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office     suite.

    Security Fix(es):

    * libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on     clicking a graphic (CVE-2024-3044)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6789-1 advisory.

    Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user     were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run     arbitrary script.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3821 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3821-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                   Bastien Roucaris     May 26, 2024                                  https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : libreoffice     Version        : 1:6.1.5-3+deb10u12     CVE ID         : CVE-2024-3044

    Unchecked script execution in Graphic on-click binding     in affected LibreOffice versions allows an attacker to create     a document which without prompt will execute scripts built-into     LibreOffice on clicking a graphic. Such scripts were previously     deemed trusted but are now deemed untrusted.

    For Debian 10 buster, this problem has been fixed in version     1:6.1.5-3+deb10u12.

    We recommend that you upgrade your libreoffice packages.

    For the detailed security status of libreoffice please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libreoffice

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-7989718224 advisory.

    7.6.7.2

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LibreOffice installed on the remote host is prior to 24.2.3 or 7.6.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3044 advisory.

  - Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker     to create a document which without prompt will execute scripts built-into LibreOffice on clicking a     graphic. Such scripts were previously deemed trusted but are now deemed untrusted. (CVE-2024-3044)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5690 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5690-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 15, 2024                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : libreoffice     CVE ID         : CVE-2024-3044

    Amel Bouziane-Leblond discovered that LibreOffice's support for binding     scripts to click events on graphics could result in unchecked script     execution.

    For the oldstable distribution (bullseye), this problem has been fixed     in version 1:7.0.4-4+deb11u9.

    For the stable distribution (bookworm), this problem has been fixed in     version 4:7.4.7-1+deb12u2.

    We recommend that you upgrade your libreoffice packages.

    For the detailed security status of libreoffice please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/libreoffice

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
201847	Oracle Linux 8 : libreoffice (ELSA-2024-4242)	Nessus	Oracle Linux Local Security Checks	high
201315	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libreoffice (SUSE-SU-2024:2257-1)	Nessus	SuSE Local Security Checks	high
201313	SUSE SLED12 / SLES12 Security Update : libreoffice (SUSE-SU-2024:2258-1)	Nessus	SuSE Local Security Checks	high
201273	RHEL 8 : libreoffice (RHSA-2024:4242)	Nessus	Red Hat Local Security Checks	high
198045	Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : LibreOffice vulnerability (USN-6789-1)	Nessus	Ubuntu Local Security Checks	high
197928	Debian dla-3821 : fonts-opensymbol - security update	Nessus	Debian Local Security Checks	high
197866	Fedora 39 : libreoffice (2024-7989718224)	Nessus	Fedora Local Security Checks	high
197300	LibreOffice < 7.6.7 / 8.0.x < 24.2.3 (cve-2024-3044)	Nessus	Misc.	critical
197090	Debian dsa-5690 : fonts-opensymbol - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2024-3044

high

Tenable Plugins

high

high

high

high

high

high

high

critical

high