Kusagadzikana (CVE-2022-3140) kwakawanikwa mune yakavhurika-sosi hofisi suite LibreOffice. Kusagadzikana uku kunobvumira zvinyorwa zvisina tsarukano kuti zviitwe kana chinongedzo chakagadzirwa mugwaro chakadzvanywa kana chiitiko chakati chatangwa uchishanda negwaro. Nyaya yacho yakagadziriswa muLibreOffice 7.3.6 uye 7.4.1.
Kusagadzikana uku kunokonzerwa nekuwedzerwa kwerutsigiro rwechirongwa chekudaidza macro, 'vnd.libreoffice.command', chakanangana neLibreOffice. Chirongwa ichi chinogona zvakare kushandiswa mumaURI anoshandiswa kubatanidza LibreOffice ne server MS SharePoint. Munhu anorwisa anogona kushandisa maURI akadaro kugadzira malink anodana chero ma macro emukati ane nharo dzisina kurongeka. Kana akadzvanywa kana kuvhurwa nechiitiko chiri mugwaro, malink akadaro anogona kushandiswa kumhanyisa mascript pasina kuratidza yambiro kumushandisi.
Source: opennet.ru
