AVG-1184 log

Package	libreoffice-still
Status	Fixed
Severity	Medium
Type	multiple issues
Affected	6.3.6-2
Fixed	6.4.6-1
Current	25.2.7-4 [extra]
Ticket	None
Created	Tue Jun 9 08:31:24 2020

Issue	Severity	Remote	Type	Description
CVE-2020-12803	Medium	Yes	Arbitrary file overwrite	ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an...
CVE-2020-12802	Low	Yes	Access restriction bypass	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...

Issue

Severity

Remote

Type

Description

CVE-2020-12803

Medium

Yes

Arbitrary file overwrite

ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an...

CVE-2020-12802

Low

Yes

Access restriction bypass

LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...

References
https://www.libreoffice.org/about-us/security/advisories/cve-2020-12802/ https://www.libreoffice.org/about-us/security/advisories/cve-2020-12803/