oss-sec mailing list archives
CVE-2023-1183: Apache OpenOffice: Arbitrary file write in Apache OpenOffice Base
From: Arrigo Marchiori <ardovm () apache org>
Date: Wed, 3 Jan 2024 10:00:42 +0100
*** This announcement is a correction to the one sent on 28 December 2023. ***
The "Affected versions" information was wrong.

Severity: Moderate

Affected versions:

- Apache OpenOffice through 4.1.14

Description:

An attacker can craft an ODB containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

There are no known exploits of this vulnerability.
A proof-of-concept demonstration exists.

Thanks to the reporter for discovering this issue.

Credit:

The Apache OpenOffice Security Team would like to thank Gregor Kopf of Secfault Security GmbH (Germany) for discovering and reporting this attack vector and Fred Toussi for kindly providing a solution to this issue within HSQLDB.

References:

https://openoffice.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-1183

--
Arrigo
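A triage check for the condition the advisory describes, added here as an example; it is not code from Apache OpenOffice or HSQLDB. It assumes a Base document is a ZIP container and treats any statement in "database/script" whose first keyword is SCRIPT as suspicious (a heuristic chosen for this example); the names scan_odb and make_sample are hypothetical.

```python
import io
import re
import zipfile

SCRIPT_MEMBER = "database/script"  # member name quoted in the advisory
# Assumption: a statement is suspicious when its first keyword is SCRIPT.
SCRIPT_STMT = re.compile(r"^\s*SCRIPT\b", re.IGNORECASE)


def scan_odb(data: bytes) -> list[tuple[int, str]]:
    """Return (line_number, text) for each SCRIPT statement in database/script.

    Every archive entry with that name is inspected, so a duplicate entry
    cannot hide behind a clean one. Raises ValueError for non-ZIP input.
    """
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile as exc:
        raise ValueError("not a ZIP-based document") from exc
    hits = []
    with archive:
        for info in archive.infolist():
            if info.filename != SCRIPT_MEMBER:
                continue
            text = archive.read(info).decode("utf-8", errors="replace")
            for number, line in enumerate(text.splitlines(), 1):
                if SCRIPT_STMT.match(line):
                    hits.append((number, line.strip()))
    return hits


def make_sample(lines: list[str]) -> bytes:
    """Constructed test input: a ZIP holding only database/script, not a full ODB."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(SCRIPT_MEMBER, "\n".join(lines) + "\n")
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:  # usage: python scan_odb.py file1.odb file2.odb
        with open(path, "rb") as handle:
            found = scan_odb(handle.read())
        print(path, "SUSPICIOUS" if found else "ok", found)
```

A hit means the document should be inspected before it is opened in an affected version; a clean result only says this one pattern is absent.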