cpe:/a:apache:openoffice:4.1.5 cpe:/a:libreoffice:libreoffice:6.0.3 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2018-10583 2018-05-01T12:29:00.383-04:00 2019-09-28T14:15:10.137-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov EXPLOIT-DB 44564 REDHAT RHSA-2018:3054 UBUNTU USN-3883-1 MLIST [openoffice-dev] 20190928 CVE-2018-10583 MLIST [openoffice-dev] 20190929 Re: CVE-2018-10583 MLIST [openoffice-dev] 20190930 Re: CVE-2018-10583 MISC http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/ CONFIRM https://security-tracker.debian.org/tracker/CVE-2018-10583 An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.