 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2023-2255 |
| Description: | Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.1.2.2023.3526 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-2255 Debian Security Information: DSA-5415 (Google Search) https://www.debian.org/security/2023/dsa-5415 https://security.gentoo.org/glsa/202311-15 https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255 https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255 https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html |