A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
| Link | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2023-1183 | vdb entry third party advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=2208506 | issue tracking third party advisory |
| https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ | patch vendor advisory |
| http://www.openwall.com/lists/oss-security/2023/12/28/4 | |
| http://www.openwall.com/lists/oss-security/2024/01/03/4 |