Oval Definition:oval:org.opensuse.security:def:202226305
Revision Date:2022-09-01Version:1
Title:CVE-2022-26305
Description:

An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-26305
SUSE CVE-2022-26305
Platform(s):SUSE Linux Enterprise Desktop 12 SP5
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE Linux Enterprise Workstation Extension 15 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP4 is installed
  • AND Package Information
  • libreoffice is affected
  • OR libreoffice-base is affected
  • OR libreoffice-base-drivers-postgresql is affected
  • OR libreoffice-branding-upstream is affected
  • OR libreoffice-calc is affected
  • OR libreoffice-calc-extensions is affected
  • OR libreoffice-draw is affected
  • OR libreoffice-filters-optional is affected
  • OR libreoffice-gnome is affected
  • OR libreoffice-gtk3 is affected
  • OR libreoffice-icon-themes is affected
  • OR libreoffice-impress is affected
  • OR libreoffice-l10n-af is affected
  • OR libreoffice-l10n-ar is affected
  • OR libreoffice-l10n-as is affected
  • OR libreoffice-l10n-bg is affected
  • OR libreoffice-l10n-bn is affected
  • OR libreoffice-l10n-br is affected
  • OR libreoffice-l10n-ca is affected
  • OR libreoffice-l10n-ckb is affected
  • OR libreoffice-l10n-cs is affected
  • OR libreoffice-l10n-cy is affected
  • OR libreoffice-l10n-da is affected
  • OR libreoffice-l10n-de is affected
  • OR libreoffice-l10n-dz is affected
  • OR libreoffice-l10n-el is affected
  • OR libreoffice-l10n-en is affected
  • OR libreoffice-l10n-eo is affected
  • OR libreoffice-l10n-es is affected
  • OR libreoffice-l10n-et is affected
  • OR libreoffice-l10n-eu is affected
  • OR libreoffice-l10n-fa is affected
  • OR libreoffice-l10n-fi is affected
  • OR libreoffice-l10n-fr is affected
  • OR libreoffice-l10n-fur is affected
  • OR libreoffice-l10n-ga is affected
  • OR libreoffice-l10n-gl is affected
  • OR libreoffice-l10n-gu is affected
  • OR libreoffice-l10n-he is affected
  • OR libreoffice-l10n-hi is affected
  • OR libreoffice-l10n-hr is affected
  • OR libreoffice-l10n-hu is affected
  • OR libreoffice-l10n-it is affected
  • OR libreoffice-l10n-ja is affected
  • OR libreoffice-l10n-kk is affected
  • OR libreoffice-l10n-kn is affected
  • OR libreoffice-l10n-ko is affected
  • OR libreoffice-l10n-lt is affected
  • OR libreoffice-l10n-lv is affected
  • OR libreoffice-l10n-mai is affected
  • OR libreoffice-l10n-ml is affected
  • OR libreoffice-l10n-mr is affected
  • OR libreoffice-l10n-nb is affected
  • OR libreoffice-l10n-nl is affected
  • OR libreoffice-l10n-nn is affected
  • OR libreoffice-l10n-nr is affected
  • OR libreoffice-l10n-nso is affected
  • OR libreoffice-l10n-or is affected
  • OR libreoffice-l10n-pa is affected
  • OR libreoffice-l10n-pl is affected
  • OR libreoffice-l10n-pt_BR is affected
  • OR libreoffice-l10n-pt_PT is affected
  • OR libreoffice-l10n-ro is affected
  • OR libreoffice-l10n-ru is affected
  • OR libreoffice-l10n-si is affected
  • OR libreoffice-l10n-sk is affected
  • OR libreoffice-l10n-sl is affected
  • OR libreoffice-l10n-sr is affected
  • OR libreoffice-l10n-ss is affected
  • OR libreoffice-l10n-st is affected
  • OR libreoffice-l10n-sv is affected
  • OR libreoffice-l10n-ta is affected
  • OR libreoffice-l10n-te is affected
  • OR libreoffice-l10n-th is affected
  • OR libreoffice-l10n-tn is affected
  • OR libreoffice-l10n-tr is affected
  • OR libreoffice-l10n-ts is affected
  • OR libreoffice-l10n-uk is affected
  • OR libreoffice-l10n-ve is affected
  • OR libreoffice-l10n-xh is affected
  • OR libreoffice-l10n-zh_CN is affected
  • OR libreoffice-l10n-zh_TW is affected
  • OR libreoffice-l10n-zu is affected
  • OR libreoffice-mailmerge is affected
  • OR libreoffice-math is affected
  • OR libreoffice-officebean is affected
  • OR libreoffice-pyuno is affected
  • OR libreoffice-writer is affected
  • OR libreoffice-writer-extensions is affected
  • OR libreofficekit is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed
  • AND Package Information
  • libreoffice is affected
  • OR libreoffice-base is affected
  • OR libreoffice-base-drivers-postgresql is affected
  • OR libreoffice-branding-upstream is affected
  • OR libreoffice-calc is affected
  • OR libreoffice-calc-extensions is affected
  • OR libreoffice-draw is affected
  • OR libreoffice-filters-optional is affected
  • OR libreoffice-gnome is affected
  • OR libreoffice-gtk3 is affected
  • OR libreoffice-icon-themes is affected
  • OR libreoffice-impress is affected
  • OR libreoffice-l10n-af is affected
  • OR libreoffice-l10n-ar is affected
  • OR libreoffice-l10n-bg is affected
  • OR libreoffice-l10n-ca is affected
  • OR libreoffice-l10n-cs is affected
  • OR libreoffice-l10n-da is affected
  • OR libreoffice-l10n-de is affected
  • OR libreoffice-l10n-en is affected
  • OR libreoffice-l10n-es is affected
  • OR libreoffice-l10n-fi is affected
  • OR libreoffice-l10n-fr is affected
  • OR libreoffice-l10n-gu is affected
  • OR libreoffice-l10n-hi is affected
  • OR libreoffice-l10n-hr is affected
  • OR libreoffice-l10n-hu is affected
  • OR libreoffice-l10n-it is affected
  • OR libreoffice-l10n-ja is affected
  • OR libreoffice-l10n-ko is affected
  • OR libreoffice-l10n-lt is affected
  • OR libreoffice-l10n-nb is affected
  • OR libreoffice-l10n-nl is affected
  • OR libreoffice-l10n-nn is affected
  • OR libreoffice-l10n-pl is affected
  • OR libreoffice-l10n-pt_BR is affected
  • OR libreoffice-l10n-pt_PT is affected
  • OR libreoffice-l10n-ro is affected
  • OR libreoffice-l10n-ru is affected
  • OR libreoffice-l10n-sk is affected
  • OR libreoffice-l10n-sv is affected
  • OR libreoffice-l10n-uk is affected
  • OR libreoffice-l10n-xh is affected
  • OR libreoffice-l10n-zh_CN is affected
  • OR libreoffice-l10n-zh_TW is affected
  • OR libreoffice-l10n-zu is affected
  • OR libreoffice-librelogo is affected
  • OR libreoffice-mailmerge is affected
  • OR libreoffice-math is affected
  • OR libreoffice-officebean is affected
  • OR libreoffice-pyuno is affected
  • OR libreoffice-writer is affected
  • OR libreoffice-writer-extensions is affected
    • BACK