CVE-2019-9848: (un)patched flaw in LibreOffice allows malicious code execution

This vulnerability, discovered by Nils Emmerich, resides in LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice, and still exists in the latest version has been patched in version 6.2.5. LibreLogo allows users to specify pre-installed scripts in a document that can be executed on various events such as mouse-over: the […]

Article Link: