What is CVE-2018-10583?

CVE-2018-10583 is a vulnerability in N/a. Published 2018-05-01.

Is CVE-2018-10583 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/te…

EPSS: 0.719 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

security-tracker.debian.org/tracker/CVE-2018-10583 (x_refsource_CONFIRM)
RHSA-2018:3054 (x_refsource_REDHAT, vendor-advisory)
USN-3883-1 (x_refsource_UBUNTU, vendor-advisory)
44564 (exploit, x_refsource_EXPLOIT-DB)
secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/ (x_refsource_MISC)
[openoffice-dev] 20190928 CVE-2018-10583 (mailing-list, x_refsource_MLIST)
[openoffice-dev] 20190929 Re: CVE-2018-10583 (mailing-list, x_refsource_MLIST)
[openoffice-dev] 20190930 Re: CVE-2018-10583 (mailing-list, x_refsource_MLIST)
20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton (mailing-list, x_refsource_FULLDISC)

Frequently asked questions

What is CVE-2018-10583?: CVE-2018-10583 is a vulnerability in N/a. Published 2018-05-01.
Is CVE-2018-10583 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.