A researcher has discovered a severe remote code execution flaw affecting the open-source productivity suites Apache OpenOffice and LibreOffice; however, a fix has only been released for LibreOffice.
Researcher Alex Inführ found that a malicious attacker could use specially crafted documents to execute arbitrary code without any warning message being shown to the victim. All the targeted user needs to do is open a malicious ODT file and move the mouse anywhere over the document.
The researcher has written a blog post detailing his findings and has also created a video showing how the attack works. While the blog post and proof-of-concept code focus mainly on LibreOffice, the attack can be adapted for OpenOffice. The researcher further states that both Linux and Windows systems are affected by this flaw.
The flaw, tracked as CVE-2018-16858, has been described as a path traversal issue that allows an attacker to execute a Python file located anywhere on the targeted system. The attack is made easier by the fact that Python is packaged with OpenOffice and LibreOffice, which means the attacker does not need to worry about it being installed on the targeted device.
The malicious document needs to contain a specially crafted link pointing to a Python function in a script. A piece of malware present on the system can be executed through the onmouseover event when the victim hovers over the link, without raising any suspicion. In the demo the researcher created, the color of the URL is set to white and the link covers an entire page of the document. The victim sees only a blank page, but the malicious code is executed when they move their mouse over it.
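A defensive triage check for the crafted link described above, as an added example that is not code from the researcher or from either project: it lists script links inside an ODF package and flags those whose script location contains a parent-directory segment or that request Python. The `vnd.sun.star.script:` URI scheme is the office scripting framework's scheme and is not named on this page; the function names `scan_odf` and `build_sample` are hypothetical, and the sample links are constructed with placeholder paths.

```python
import html
import io
import re
import zipfile
from urllib.parse import unquote

# Scheme used by the office scripting framework for macro/script links
# (assumption: the page itself does not name it).
SCRIPT_URI = re.compile(r"vnd\.sun\.star\.script:([^\"'<>\s]+)")
MAX_MEMBER = 20 * 1024 * 1024  # skip oversized members (zip-bomb guard)

def scan_odf(data: bytes):
    """Return (member, uri, reasons) for every script URI in an ODF package."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".xml") or info.file_size > MAX_MEMBER:
                continue
            text = zf.read(info).decode("utf-8", errors="replace")
            for m in SCRIPT_URI.finditer(text):
                uri = html.unescape(m.group(1))  # &amp; -> &
                target, _, query = uri.partition("?")
                # Script location is the part before "$function"; decode
                # %2e%2e and normalise backslashes before checking segments.
                path = unquote(target).split("$", 1)[0].replace("\\", "/")
                reasons = []
                if ".." in path.split("/"):
                    reasons.append("path-traversal")
                if "language=python" in query.lower():
                    reasons.append("python")
                findings.append((info.filename, uri, reasons))
    return findings

def build_sample(href: str) -> bytes:
    """Constructed test package: a simplified stand-in for content.xml."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("content.xml", f'<doc><a href="{href}"/></doc>')
    return buf.getvalue()

if __name__ == "__main__":
    samples = [  # constructed values, placeholder paths only
        "vnd.sun.star.script:../../constructed/placeholder.py$run"
        "?language=Python&amp;location=share",
        "vnd.sun.star.script:Standard.Module1.Main"
        "?language=Basic&amp;location=document",
    ]
    for href in samples:
        for member, uri, reasons in scan_odf(build_sample(href)):
            print(member, reasons or ["no-flags"], uri)
```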
The problem was reported to the LibreOffice developers on October 18, 2018, and it was patched less than two weeks later with the release of versions 6.1.3 and 6.0.7. OpenOffice developers have been notified, but they have yet to release a fix. Until a patch becomes available, users should disable Python support by removing or renaming the pythonscript.py file in the installation folder.