A flaw was found in libreoffice. If a document does not contain macros/scripts, but references a pre-installed macro/script execution of those macros/scripts, execution is allowed without warning bypassing normal behavior.
Name: The LibreOffice project
Upstream: Alex Inführ
In versions of libreoffice shipped with Red Hat Enterprise Linux 6 and 7, arbitrary arguements cannot be passed to the scripts/macros, hence meaningful exploitation is difficult.
Created libreoffice tracking bugs for this issue:
Affects: fedora-all [bug 1672002]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:2130 https://access.redhat.com/errata/RHSA-2019:2130
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):