Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ability to trust not validated macro signatures removed in high security mode
Vulnerability Description
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
证书验证不恰当
Vulnerability Title
LibreOffice 安全漏洞
Vulnerability Description
LibreOffice是文档基金会(The Document Foundation,tdf)的一套开源的办公软件套件。该产品包含Writer(文本文档)、Calc(电子表格)和Impress(演示文稿)等应用程序。 LibreOffice 24.2.5 版本之前的 24.2 版本存在安全漏洞,该漏洞源于证书验证用户界面中,如果证书验证失败,用户可能不会完全理解失败的原因,并且可能选择忽略警告并启用宏。
CVSS Information
N/A
Vulnerability Type
N/A