Description
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to running arbitrary Java code from the current directory.
A flaw was found in LibreOffice. When an empty Java class path entry is configured, LibreOffice will search for Java classes in the current working directory, allowing malicious Java classes to load when opening a document using the file manager, resulting in arbitrary code execution.
Statement
To exploit this flaw, an attacker would need to convince a user to extract an archive (tar, zip, etc.) containing a LibreOffice document and a specific file with Java code inside it, and then the user would need to open the LibreOffice document normally. As user interaction is required to open an untrusted file, this flaw was rated with a moderate security impact.
Mitigation
Disabling the Java runtime in LibreOffice will mitigate this issue. To disable it, uncheck the "Use a Java runtime environment" option box via: Tools, Options, LibreOffice/Advanced, Use a Java runtime environment.
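To go with the description above, the following added example (not Red Hat's, LibreOffice's or OpenOffice's code) audits a class path string for entries that make Java search the current working directory. It goes beyond the empty-entry case in this advisory by also flagging `.` and relative entries; the function name and the sample class path strings are constructed for illustration.

```python
import ntpath
import posixpath


def cwd_resolving_entries(class_path, sep=":"):
    """Return (index, entry, reason) for each class path entry that resolves
    to the process's current working directory.

    reason is "empty" (the case in this advisory), "dot" or "relative".
    """
    # Assumption of this example: an unset or wholly empty value means
    # "no class path configured", not "one empty entry".
    if not class_path:
        return []
    # Pick path rules from the separator: ';' on Windows, ':' elsewhere.
    pathmod = ntpath if sep == ";" else posixpath
    findings = []
    # str.split keeps leading, trailing and doubled separators as "" items,
    # which is how an empty entry shows up in a configured string.
    for index, entry in enumerate(class_path.split(sep)):
        name = entry.strip()
        if name == "":
            findings.append((index, entry, "empty"))
        elif pathmod.normpath(name) == ".":
            findings.append((index, entry, "dot"))
        elif not pathmod.isabs(name):
            findings.append((index, entry, "relative"))
    return findings


# Constructed sample values, not taken from a real installation.
SAMPLES = [
    ("/usr/share/java/hsqldb.jar::/opt/lib/a.jar:", ":"),
    ("lib/x.jar:.:/abs/y.jar", ":"),
    ("C:\\java\\a.jar;;libs\\b.jar", ";"),
    ("/usr/share/java/a.jar:/opt/lib/b.jar", ":"),
]

if __name__ == "__main__":
    for value, sep in SAMPLES:
        hits = cwd_resolving_entries(value, sep)
        print(f"{value!r}: {hits if hits else 'no entries resolve to cwd'}")
```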
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | libreoffice | Out of support scope | | |
Red Hat Enterprise Linux 7 | libreoffice | Out of support scope | | |
Red Hat Enterprise Linux 8 | libreoffice:flatpak/libreoffice | Will not fix | | |
Red Hat Enterprise Linux 9 | libreoffice:flatpak/libreoffice | Will not fix | | |
Red Hat Enterprise Linux 8 | libreoffice | Fixed | RHSA-2023:6933 | 14.11.2023 |
Red Hat Enterprise Linux 9 | libreoffice | Fixed | RHSA-2023:6508 | 07.11.2023 |
Additional information
CVSS3: 7.8 High
Related vulnerabilities
A vulnerability in the Apache OpenOffice office suite related to the possibility of adding an empty entry to the Java class path, allowing an attacker to execute arbitrary code