Test ID:	1.3.6.1.4.1.25623.1.0.843468
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-3579-3)
Summary:	The remote host is missing an update for the 'libreoffice' package(s) announced via the USN-3579-3 advisory.
Description:	Summary: The remote host is missing an update for the 'libreoffice' package(s) announced via the USN-3579-3 advisory. Vulnerability Insight: USN-3579-1 fixed a vulnerability in LibreOffice. After upgrading, it was no longer possible for LibreOffice to open documents from certain locations outside of the user's home directory. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that =WEBSERVICE calls in a document could be used to read arbitrary files. If a user were tricked in to opening a specially crafted document, a remote attacker could exploit this to obtain sensitive information. (CVE-2018-6871) Affected Software/OS: 'libreoffice' package(s) on Ubuntu 17.10. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-6871 Debian Security Information: DSA-4111 (Google Search) https://www.debian.org/security/2018/dsa-4111 https://www.exploit-db.com/exploits/44022/ https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure RedHat Security Advisories: RHSA-2018:0418 https://access.redhat.com/errata/RHSA-2018:0418 RedHat Security Advisories: RHSA-2018:0517 https://access.redhat.com/errata/RHSA-2018:0517 https://usn.ubuntu.com/3579-1/
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.