![]() This article continues to discuss the security flaw discovered in OpenOffice and LibreOffice that hackers can exploit to fake signed documents as well as the updates released to address it. We start this week with a good write-up by Eugene Lim on getting started on vulnerability hunting, and news of a problem in OpenOffice’s handling of DBase files. Tracked as CVE-2022-26305, the issue has. The team behind LibreOffice has released security updates to fix three security flaws in the productivity software, one of which could be exploited to achieve arbitrary code execution on affected systems. Following the bug reports, both LibreOffice and. The same flaw is tracked as CVE-2021-25635 for LibreOffice, a branch of OpenOffice created more than a decade ago from the main project. LibreOffice Releases Software Update to Patch 3 New Vulnerabilities. Real-time exploitation of such a flaw could allow signing sensitive documents falsely without detection. The flaw, which is tracked as CVE-2021-41832 for OpenOffice, was discovered by four researchers at the Ruhr University Bochum. LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. The vulnerability is classified as mild in severity, but its exploitation could lead to severe consequences. The method of enabling anyone to sign macro-infested papers and make them appear trustworthy is effective at tricking unsuspecting users into running malicious code. Submitted by grigby1 on Wed, - 3:05pm OpenOffice and LibreOffice have pushed updates to address a vulnerability that could allow an attacker to spoof signed documents. The digital signatures used in document macros are supposed to help the user verify that the document has not been altered and can be trusted. ![]() ![]() Earlier this month, LibreOffice released the latest version 6.2.5 of its software that addresses two severe vulnerabilities (CVE-2019-9848 and CVE-2019-9849), but the patch for the former has now. The vulnerability is classified as mild in severity, but its exploitation could lead to severe consequences. OctoRavie Lakshmanan The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source. LibreOffice is one of the most popular and open source alternatives to Microsoft Office suite and is available for Windows, Linux and macOS systems. Its 2019, and just opening an innocent looking office document file on your system can still allow hackers to compromise your computer. For OpenOffice, that would be 4.1.10 and later, and for LibreOffice, 7.0.5 or 7.1.1 and later. OpenOffice and LibreOffice have pushed updates to address a vulnerability that could allow an attacker to spoof signed documents.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |