Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Execution of Untrusted Macros Due to Improper Certificate Validation
Vulnerability Description
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.
CVSS Information
N/A
Vulnerability Type
不充分的加密强度
Vulnerability Title
LibreOffice 安全特征问题漏洞
Vulnerability Description
LibreOffice是文档基金会(The Document Foundation,tdf)的一套开源的办公软件套件。该产品包含Writer(文本文档)、Calc(电子表格)和Impress(演示文稿)等应用程序。 LibreOffice 7.2版本至7.2.7之前版本、7.3版本至7.3.1之前版本存在安全特征问题漏洞,该漏洞源于 LibreOffice 使用弱初始化向量来加密用户配置数据库中的 Web 连接密码。攻击者利用该漏洞可以解开受害者密码。
CVSS Information
N/A
Vulnerability Type
N/A