Vulnerability Details : CVE-2018-10583
Public exploit exists!
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
Vulnerability category: Information leak
Products affected by CVE-2018-10583
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:openoffice:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:a:libreoffice:libreoffice:6.0.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-10583
66.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2018-10583
-
LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator
Disclosure Date: 2018-05-01First seen: 2020-04-26auxiliary/fileformat/odt_badodtGenerates a Malicious ODT File which can be used with auxiliary/server/capture/smb or similar to capture hashes. Authors: - Richard Davy - secureyourit.co.uk
CVSS scores for CVE-2018-10583
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2018-10583
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-10583
-
http://seclists.org/fulldisclosure/2020/Oct/26
Full Disclosure: [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton
-
https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d@%3Cdev.openoffice.apache.org%3E
CVE-2018-10583 - Pony Mail
-
https://usn.ubuntu.com/3883-1/
USN-3883-1: LibreOffice vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af@%3Cdev.openoffice.apache.org%3E
Re: CVE-2018-10583 - Pony Mail
-
https://security-tracker.debian.org/tracker/CVE-2018-10583
CVE-2018-10583Issue Tracking;Third Party Advisory
-
http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/
NTLM Credential Theft via malicious ODT Files – secureyourit.co.ukExploit;Mitigation;Third Party Advisory
-
https://www.exploit-db.com/exploits/44564/
LibreOffice/Open Office - '.odt' Information DisclosureExploit;Third Party Advisory;VDB Entry
-
https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909@%3Cdev.openoffice.apache.org%3E
Pony Mail!
-
https://access.redhat.com/errata/RHSA-2018:3054
RHSA-2018:3054 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Jump to