CVE-2024-3044
6.5MEDIUMUnchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clic
Published: 5/14/2024Updated: 12/10/2025
Description
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.
AI AnalysisPowered by AI
Affected Products
libreofficelibreoffice
libreofficelibreoffice
fedoraprojectfedora
39
debiandebian_linux
10.0
References
- https://lists.debian.org/debian-lts-announce/2024/05/msg00016.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/Mailing ListThird Party Advisory
- https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044Vendor Advisory
- https://lists.debian.org/debian-lts-announce/2024/05/msg00016.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/Mailing ListThird Party Advisory
- https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044Vendor Advisory