Detections
Analytics

LibreOffice 24.8.x < 24.8.4 Multiple vulnerabilities

medium Nessus Plugin ID 214314

Language:

Synopsis

The remote host is missing a security update.

Description

The version of LibreOffice installed on the remote host is prior to 24.8.4. It is, therefore, affected by multiple vulnerabilities as referenced in the advisory.

 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with '.ttf', by supplying a file in a format that supports embedded font files. (CVE-2024-12425)

 - Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remote server on opening a document containing such links. (CVE-2024-12426)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to LibreOffice version 24.8.4 or later.

See Also

http://www.nessus.org/u?186d87e8

http://www.nessus.org/u?2c820250

Plugin Details

Severity: Medium

ID: 214314

File Name: libreoffice_24_8_4.nasl

Version: 1.2

Type: local

Agent: windows, macosx, unix

Family: Misc.

Published: 1/17/2025

Updated: 1/23/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2024-12426

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:libreoffice:libreoffice

Required KB Items: installed_sw/LibreOffice

Exploit Ease: No known exploits are available

Patch Publication Date: 1/7/2025

Vulnerability Publication Date: 1/7/2025

Reference Information

CVE: CVE-2024-12425, CVE-2024-12426

IAVB: 2025-B-0003