Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
New Ownership - Policies and Changes Going Forward
Thread Rating:
  • 0 Vote(s) - 0 Average


Third-Party Patch Released for Code Execution Flaw in OpenOffice filter_list
Author
Message
sunjester Offline
Developer
 ****
Registered (Silver)
Six Years of Service
Posts: 471
Threads: 149
Reputation: 24
Currency: 261 NSP
Third-Party Patch Released for Code Execution Flaw in OpenOffice 02-14-2019, 01:49 PM #1
Quote:The flaw, described as a path traversal issue and tracked as CVE-2018-16858, was disclosed in early February by researcher Alex Inführ. The expert found that a hacker could execute code on a system by getting the targeted user to open a specially crafted document that loaded a Python file placed by the attacker anywhere on the device.

https://www.securityweek.com/third-party...openoffice
https://cve.mitre.org/cgi-bin/cvename.cg...2018-16858

Reply

mothered Offline
Nevermind how, I will login
 *******
Registered (Diamond)
Twelve Years of Service
Posts: 72,626
Threads: 307
Reputation: 493
Currency: 50,359 NSP
GoldCookieTurkeyPower PosterReputableLegendaryStaffGolden StaffLovedHammer
RE: Third-Party Patch Released for Code Execution Flaw in OpenOffice 02-15-2019, 05:45 AM #2
Office suites are known for their vulnerabilities (example, macro virus for Microsoft Office).

I'm surprised this wasn't exploited a lot sooner, particularly the fact that It's open-source.
[Image: AD83g1A.png]

Reply







Users browsing this thread: 1 Guest(s)