CVE-2019-9850: Insufficient url validation allowing LibreLogo script execution
First published: Thu Aug 15 2019(Updated: )
A vulnerability was found in LibreOffice prior to 6.2.6. LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added, to address <a href="https://access.redhat.com/security/cve/CVE-2019-9848">CVE-2019-9848</a>, to block calling LibreLogo from script event handers. However an insufficient url validation vulnerability in LibreOffice allowed malicious to bypass that protection and again trigger calling LibreLogo from script event handlers. Reference: <a href="https://seclists.org/bugtraq/2019/Aug/28">https://seclists.org/bugtraq/2019/Aug/28</a>
Credit: security@documentfoundation.org security@documentfoundation.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =19.04 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Fedoraproject Fedora | =29 | |
| Fedoraproject Fedora | =30 | |
| openSUSE Leap | =15.0 | |
| openSUSE Leap | =15.1 | |
| Libreoffice Libreoffice | <6.2.6 | |
| redhat/LibreOffice | <6.2.6 | 6.2.6 |
| redhat/LibreOffice | <6.3.0 | 6.3.0 |
| debian/libreoffice | 1:7.0.4-4+deb11u10 4:7.4.7-1+deb12u4 4:7.4.7-1+deb12u5 4:24.8.2-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html
- https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/
- https://seclists.org/bugtraq/2019/Aug/28
- https://usn.ubuntu.com/4102-1/
- https://www.debian.org/security/2019/dsa-4501
- https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850
- https://launchpad.net/bugs/cve/CVE-2019-9850
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMEGUWMWORC3DOVEHVXLFT3A5RSCMLBH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVSDPZJG3UA43X3JXRHJAWXLDZEW77LM/
- https://access.redhat.com/security/cve/CVE-2019-9848
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1744863
- https://cgit.freedesktop.org/libreoffice/core/commit/?id=7942929685fafb0f9c82feb8da7279e5103c87f0
- https://access.redhat.com/errata/RHSA-2020:1151
- https://access.redhat.com/security/cve/cve-2019-9850
- https://access.redhat.com/errata/RHSA-2020:1598
- https://bugzilla.redhat.com/show_bug.cgi?id=1744862
- https://www.libreoffice.org/about-us/security/advisories/cve-2019-9850/
- https://security-tracker.debian.org/tracker/CVE-2019-9850
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850
- https://nvd.nist.gov/vuln/detail/CVE-2019-9850
- https://ubuntu.com/security/CVE-2019-9850
Frequently Asked Questions
What is CVE-2019-9850?
CVE-2019-9850 is a vulnerability in LibreOffice that allows arbitrary python commands to be executed from a document.
What is the severity of CVE-2019-9850?
CVE-2019-9850 has a severity rating of 9.8, which is considered critical.
How does CVE-2019-9850 affect LibreOffice?
CVE-2019-9850 affects LibreOffice versions 1:6.0.7-0ubuntu0.18.04.9, 1:6.2.6-0ubuntu0.19.04.1, 1:6.3.0-1, 1:5.1.6~, 6.2.6, and 6.3.0.
How can I fix CVE-2019-9850 in LibreOffice?
To fix CVE-2019-9850 in LibreOffice, you should update to the latest version of LibreOffice available for your operating system.
Where can I find more information about CVE-2019-9850?
You can find more information about CVE-2019-9850 at the following references: [link1], [link2], [link3].
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-9850
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/references
- agent/event
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/19.04
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/29
- version/fedoraproject fedora/30
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0
- version/opensuse leap/15.1
- vendor/libreoffice
- canonical/libreoffice libreoffice
- package-manager/redhat
- package-manager/debian