Nixpkgs security tracker

Permalink CVE-2023-1183

5.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): NONE

created 1 year, 2 months ago

Arbitrary file write

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

References

https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHAT
RHBZ#2208506 x_refsource_REDHATissue-tracking
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/
http://www.openwall.com/lists/oss-security/2023/12/28/4
http://www.openwall.com/lists/oss-security/2024/01/03/4
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHATx_transferred
RHBZ#2208506 x_refsource_REDHATissue-trackingx_transferred
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ x_transferred
http://www.openwall.com/lists/oss-security/2023/12/28/4 x_transferred
http://www.openwall.com/lists/oss-security/2024/01/03/4 x_transferred
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHAT
RHBZ#2208506 x_refsource_REDHATissue-tracking
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHAT
RHBZ#2208506 x_refsource_REDHATissue-tracking
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/
http://www.openwall.com/lists/oss-security/2023/12/28/4
http://www.openwall.com/lists/oss-security/2024/01/03/4
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHAT
RHBZ#2208506 x_refsource_REDHATissue-tracking
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/
http://www.openwall.com/lists/oss-security/2023/12/28/4
http://www.openwall.com/lists/oss-security/2024/01/03/4
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHATx_transferred
RHBZ#2208506 x_refsource_REDHATissue-trackingx_transferred
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ x_transferred
http://www.openwall.com/lists/oss-security/2023/12/28/4 x_transferred
http://www.openwall.com/lists/oss-security/2024/01/03/4 x_transferred
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHAT
RHBZ#2208506 x_refsource_REDHATissue-tracking
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/
http://www.openwall.com/lists/oss-security/2023/12/28/4
http://www.openwall.com/lists/oss-security/2024/01/03/4
https://access.redhat.com/security/cve/CVE-2023-1183 vdb-entryx_refsource_REDHATx_transferred
RHBZ#2208506 x_refsource_REDHATissue-trackingx_transferred
https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/ x_transferred
http://www.openwall.com/lists/oss-security/2023/12/28/4 x_transferred
http://www.openwall.com/lists/oss-security/2024/01/03/4 x_transferred

Affected products

libreoffice

==7.4.6
==7.5.1

Matching in nixpkgs

pkgs.libreoffice-bin

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 7.6.7
- nixpkgs-unstable 7.6.7
- nixos-unstable-small 7.6.7

pkgs.hyphenDicts.de_AT

Hyphen dictionary for German (Austria) from LibreOffice

nixos-unstable 24.8
- nixpkgs-unstable 24.8
- nixos-unstable-small 24.8

pkgs.hyphenDicts.de_CH

Hyphen dictionary for German (Switzerland) from LibreOffice

nixos-unstable 24.8
- nixpkgs-unstable 24.8
- nixos-unstable-small 24.8

pkgs.hyphenDicts.de_DE

Hyphen dictionary for German (Germany) from LibreOffice

nixos-unstable 24.8
- nixpkgs-unstable 24.8
- nixos-unstable-small 24.8

pkgs.libreoffice-fresh

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2-wrapped
- nixpkgs-unstable 24.8.3.2-wrapped
- nixos-unstable-small 24.8.3.2-wrapped

pkgs.libreoffice-still

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2-wrapped
- nixpkgs-unstable 24.2.7.2-wrapped
- nixos-unstable-small 24.2.7.2-wrapped

pkgs.hunspellDicts.cs_CZ

Hunspell dictionary for Czech (Czechia) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.el_GR

Hunspell dictionary for Greek (Greece) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.he_IL

Hunspell dictionary for Hebrew (Israel) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.hr_HR

Hunspell dictionary for Croatian (Croatia) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.hu_HU

Hunspell dictionary for Hungarian (Hungary) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.id_id

Hunspell dictionary for Bahasa Indonesia (Indonesia) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.nb_NO

Hunspell dictionary for Norwegian Bokmål (Norway) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.nn_NO

Hunspell dictionary for Norwegian Nynorsk (Norway) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.pl_PL

Hunspell dictionary for Polish (Poland) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.pt_BR

Hunspell dictionary for Portuguese (Brazil) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.pt_PT

Hunspell dictionary for Portuguese (Portugal) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.ru_RU

Hunspell dictionary for Russian (Russian) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.hunspellDicts.sk_SK

Hunspell dictionary for Slovak (Slovakia) from LibreOffice

nixos-unstable 6.3.0.4
- nixpkgs-unstable 6.3.0.4
- nixos-unstable-small 6.3.0.4

pkgs.libreoffice-qt-fresh

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2-wrapped
- nixpkgs-unstable 24.8.3.2-wrapped
- nixos-unstable-small 24.8.3.2-wrapped

pkgs.libreoffice-qt-still

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2-wrapped
- nixpkgs-unstable 24.2.7.2-wrapped
- nixos-unstable-small 24.2.7.2-wrapped

pkgs.libreoffice-collabora

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.04.5-4
- nixpkgs-unstable 24.04.5-4
- nixos-unstable-small 24.04.5-4

pkgs.libreoffice-qt6-fresh

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2-wrapped
- nixpkgs-unstable 24.8.3.2-wrapped
- nixos-unstable-small 24.8.3.2-wrapped

pkgs.libreoffice-qt6-still

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2-wrapped
- nixpkgs-unstable 24.2.7.2-wrapped
- nixos-unstable-small 24.2.7.2-wrapped

pkgs.libreoffice-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2
- nixpkgs-unstable 24.2.7.2
- nixos-unstable-small 24.2.7.2

pkgs.libreoffice-qt6-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2
- nixpkgs-unstable 24.2.7.2
- nixos-unstable-small 24.2.7.2

pkgs.libreoffice-fresh-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2
- nixpkgs-unstable 24.8.3.2
- nixos-unstable-small 24.8.3.2

pkgs.libreoffice-qt-fresh-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2
- nixpkgs-unstable 24.8.3.2
- nixos-unstable-small 24.8.3.2

pkgs.libreoffice-qt6-fresh-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.8.3.2
- nixpkgs-unstable 24.8.3.2
- nixos-unstable-small 24.8.3.2

pkgs.libreoffice-qt6-still-unwrapped

Comprehensive, professional-quality productivity suite, a variant of openoffice.org

nixos-unstable 24.2.7.2
- nixpkgs-unstable 24.2.7.2
- nixos-unstable-small 24.2.7.2

Package maintainers

@vlaci László Vaskó <laszlo.vasko@outlook.com>
@theCapypara Marco Köpcke <hello@capypara.de>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>
@tricktron Thibault Gagnaux <tgagnaux@gmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.libreoffice-bin

pkgs.hyphenDicts.de_AT

pkgs.hyphenDicts.de_CH

pkgs.hyphenDicts.de_DE

pkgs.libreoffice-fresh

pkgs.libreoffice-still

pkgs.hunspellDicts.cs_CZ

pkgs.hunspellDicts.el_GR

pkgs.hunspellDicts.he_IL

pkgs.hunspellDicts.hr_HR

pkgs.hunspellDicts.hu_HU

pkgs.hunspellDicts.id_id

pkgs.hunspellDicts.nb_NO

pkgs.hunspellDicts.nn_NO

pkgs.hunspellDicts.pl_PL

pkgs.hunspellDicts.pt_BR

pkgs.hunspellDicts.pt_PT

pkgs.hunspellDicts.ru_RU

pkgs.hunspellDicts.sk_SK

pkgs.libreoffice-qt-fresh

pkgs.libreoffice-qt-still

pkgs.libreoffice-collabora

pkgs.libreoffice-qt6-fresh

pkgs.libreoffice-qt6-still

pkgs.libreoffice-unwrapped

pkgs.libreoffice-qt6-unwrapped

pkgs.libreoffice-fresh-unwrapped

pkgs.libreoffice-qt-fresh-unwrapped

pkgs.libreoffice-qt6-fresh-unwrapped

pkgs.libreoffice-qt6-still-unwrapped

Package maintainers