CVE-2019-9849 Vulnerability Details

  /     /     /  

CVE-2019-9849 Metadata Quick Info

CVE Published: 17/07/2019 | CVE Updated: 17/09/2024 | CVE Year: 2019
Source: Document Fdn. | Vendor: Document Foundation | Product: LibreOffice
Status : PUBLISHED

CVE-2019-9849 Description

LibreOffice has a \'stealth mode\' in which only documents from locations deemed \'trusted\' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice\'s ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: In stealth mode where only trusted documents are allowed to download remote resources untrusted documents could download remote bullet graphics urls
Source: Document Foundation

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2019-9849 Vulnerability Details