Skip to content
/ CVE-2019-9849 Public

CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/CVE-2019-9849

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LibreOffice - CVE-2019-9849.pdf
LibreOffice - CVE-2019-9849.pdf
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice

LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources.
This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document.
A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5.

HTML Tag HTML Attribute Triggers When Opened Triggers On Save/Export
ol src No Yes
ul src No Yes

Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found here.

Proof Of Concept:

More details and the exploitation process (plus other HTML tag-attribute combination that result in SSRF) can be found in this PDF.

About

CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice

Topics

cve bypass server-side-request-forgery cves 0-day cve-2019-9849

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository