ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0400
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0400)
Resumen:	The remote host is missing an update for the 'libmwaw, libreoffice' package(s) announced via the MGASA-2022-0400 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libmwaw, libreoffice' package(s) announced via the MGASA-2022-0400 advisory. Vulnerability Insight: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. (CVE-2022-3140) Affected Software/OS: 'libmwaw, libreoffice' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-3140 DSA-5252 https://www.debian.org/security/2022/dsa-5252 FEDORA-2022-775c747e4a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/ GLSA-202212-04 https://security.gentoo.org/glsa/202212-04 [debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.