This vulnerability, discovered by Nils Emmerich, resides in LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice, and still exists in the latest version has been patched in version 6.2.5. LibreLogo allows users to specify pre-installed scripts in a document that can be executed on various events such as mouse-over: the […]
Article Link: https://www.andreafortuna.org/2019/07/27/cve-2019-9848-unpatched-flaw-in-libreoffice-allows-malicious-code-execution/