Array Index UnderFlow in Calc Formula Parsing
CVE-2023-0950

7.8HIGH

Key Information:

Vendor

The Document Foundation

Status
Libreoffice
Vendor
CVE Published:
25 May 2023

What is CVE-2023-0950?

A vulnerability exists in the spreadsheet component of LibreOffice that allows an attacker to exploit improper validation of array indexing. By crafting a specific type of malformed spreadsheet document—particularly using the AGGREGATE function—an attacker can cause an array index underflow when the document is loaded. This underflow may enable the execution of arbitrary code, posing significant security risks to affected users. The issue is present in LibreOffice versions 7.4 before 7.4.6 and 7.5 before 7.5.1.

Affected Version(s)

LibreOffice 7.4 < 7.4.6

LibreOffice 7.5 < 7.5.1

References

https://www.libreoffice.org/about-us/security/advisories/...
https://www.debian.org/security/2023/dsa-5415
vendor-advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg0...
mailing-list

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Secusmart GmbH for discovering and reporting the issue
Eike Rathke of Red Hat, Inc. for a solution
JSON
.