virus logo FortiClient Vulnerability

LibreOffice CVE-2022-3140 Argument Injection Vulnerability

description-logoDescription

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.

affected-products-logoAffected Applications

LibreOffice

CVE References

CVE-2022-3140

Other References

https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140
ID 4562
Created Oct 26, 2022
Description
Updated		 Nov 07, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor LibreOffice
Patch manual
Application LibreOffice