Home > Vulnerability Database > CVE-2024-6472

Mend.io Vulnerability Database

CVE-2024-6472

Date: August 5, 2024

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

Language: C++

Severity Score

7.8

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-6472

Url: https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472

Url: https://www.mend.io/vulnerability-database/CVE-2024-6472

Severity Score

7.8

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-6472

Date: August 5, 2024

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?