REWTERZ THREAT Advisory – LibreOffice and OpenOffice Remote Code Execution Vulnerability

Wednesday, February 6, 2019

SEVERITY: Medium

CATEGORY: Vulnerability

Analysis Summary

By tricking victims into opening an ODT (OpenDocument Text) file embedding an event embedded, it is possible to launch a directory traversal attack executing a python method from a script in any arbitrary file system location. Exploiting CVE-2018-16858, it is possible to trigger the automatic execution of a specific python library included in the suite using a hidden onmouseover event. On further analysis, researchers found out that under certain circumstances it is not only possible to specify the function you want to call inside a python script, but passing parameters is also a possibility.

In the fixed versions, access is restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install.


Impact

Remote Code Execution

Affected Products

LibreOffice

OpenOffice

Remediation


While LibreOffice has been fixed with the release of LibreOffice 6.0.7/6.1.3, update to the fixed versions. OpenOffice is still awaiting a fix. Meanwhile, it is possible to remove or rename the pythonscript.py file in the installation folder to disable the support for python.

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 12, February 2019 Rewterz Threat Alert – Phishing Campaign Targeting Bank Employees in Pakistan, Forging Zimbra
  • 11, February 2019 Rewterz Threat Alert -Malware Campaign Hides Ransomware in Super Mario Wrapper
  • 11, February 2019 Rewterz Threat Alert – New Linux coin miner kills competing malware to maximize profits
  • 8, February 2019 Rewterz Threat Advisory -CVE-2018-11803 – Apache Subversion Denial of Service Vulnerability

Copyright © Rewterz. All rights reserved.