oss-sec mailing list archives
Re: CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning
From: Timo Warns <timo.warns () gmail com>
Date: Wed, 3 Jan 2024 21:36:48 +0100
For what it's worth: The original thread on this CVE is available at https://www.openwall.com/lists/oss-security/2012/12/13/10 Regards, Timo Am Mi., 3. Jan. 2024 um 12:02 Uhr schrieb Arrigo Marchiori < ardovm () apache org>:
*** This announcement is a correction to the one sent on 28 December 2023. *** The "Affected versions" information was wrong. Severity: Moderate Affected versions: - Apache OpenOffice through 4.1.14 Description: In Apache OpenOffice and LibreOffice embedded content will be opened automatically without that a warning is shown. Credit: The Apache OpenOffice Security Team would like to thank Timo Warns and Joachim Mammele for discovering and reporting this attack vector. References: https://openoffice.apache.org/ https://www.cve.org/CVERecord?id=CVE-2012-5639 -- Arrigo
Current thread:
- CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning Arrigo Marchiori (Jan 03)
- Re: CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning Timo Warns (Jan 03)