Vulnerabilities allow manipulation of OpenOffice and LibreOffice files [13.10.21]
Multiple vulnerabilities (CVE-2021-25633, CVE-2021-25634, CVE-2021-25635, CVE-2021-41830, CVE-2021-41831 and CVE-2021-41832) in The Document Foundation LibreOffice (< 7.0.5) and Apache OpenOffice (< 4.1.10) can be exploited by an attacker. By exploiting the vulnerabilities, the attacker is able to manipulate data to make it appear to have been signed by a trusted source.
To fix the vulnerabilities, current versions of The Document Foundation (7.2.1) and Apache (4.1.11) are available for download.
You can find further information e. g. at
- securityaffairs.co/wordpress/123212/security/libreoffice-openoffice-flaw.html
- https://it.slashdot.org/story/21/10/11/212215/libreoffice-openoffice-bug-allows-hackers-to-spoof-signed-docs?utm_source=rss1.0mainlinkanon&utm_medium=feed
If you have any questions, please contact kim-it@uni-hohenheim.de.
Do you have questions or comments about this site? contact form