CVE-2025-1080
CVE-2025-1080
Título es
CVE-2025-1080
Mar, 04/03/2025 – 20:15
Tipo
CWE-20
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-1080
Descripción en
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments.
This issue affects LibreOffice: from 24.8 before
04/03/2025
04/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Gravedad 4.0
7.20
Gravedad 4.0 txt
HIGH
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Referencias
https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080
Enviar en el boletín
Off
