CVE-2023-6185

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.

In affected versions, the filename of the embedded video is not sufficiently escaped when passed to GStreamer, enabling an attacker to run arbitrary GStreamer plugins, depending on what plugins are installed on the target system.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 8.3 HIGH | ADJACENT_NETWORK | LOW | LOW | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| Document Fdn. | CNA | 8.3 HIGH | ADJACENT_NETWORK | LOW | LOW | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H |
| CVE | ADP | --- | | | | --- |
| CISA-ADP | ADP | --- | | | | --- |

EPSS Score percentile: 79%

| Vendor | Product | Version |
|---|---|---|
| libreoffice | libreoffice | 7.5.0 ≤ 𝑥 < 7.5.9 |
| libreoffice | libreoffice | 7.6.0 ≤ 𝑥 < 7.6.3 |
| debian | debian_linux | 11.0 |
| debian | debian_linux | 12.0 |

𝑥 = Vulnerable software versions

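Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| libreoffice | bullseye | 1:7.0.4-4+deb11u10 | fixed |
| libreoffice | bullseye (security) | 1:7.0.4-4+deb11u11 | fixed |
| libreoffice | bookworm | 4:7.4.7-1+deb12u5 | fixed |
| libreoffice | bookworm (security) | 4:7.4.7-1+deb12u5 | fixed |
| libreoffice | sid | 4:24.8.4-1 | fixed |
| libreoffice | trixie | 4:24.8.4-1 | fixed |
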
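Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| libreoffice | mantic | Fixed 4:7.6.4-0ubuntu0.23.10.1 | released |
| libreoffice | lunar | Fixed 4:7.5.9-0ubuntu0.23.04.1 | released |
| libreoffice | jammy | Fixed 1:7.3.7-0ubuntu0.22.04.4 | released |
| libreoffice | focal | Fixed 1:6.4.7-0ubuntu0.20.04.9 | released |
| libreoffice | bionic | | ignored |
| libreoffice | xenial | | ignored |
| libreoffice | trusty | | ignored |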