CVE-2021-41832: Apache OpenOffice: Content Manipulation with Certificate Validation Attack

[Dave Fisher <wave () apache org>]

Severity: moderate

Description:

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source.

All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11.

See CVE-2021-25635 for the LibreOffice advisory.


Credit:

Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr 
University Bochum, Germany