Libreoffice openoffice bug allows to spoof12/13/2023 Hence, they have to manually download the latest versions of both tools to get the patches. While the patches are out, users might not receive the updates automatically. Consequently, they could fix the bug (recognized as CVE-2021-25635 for LibreOffice and CVE-2021-41832 for Apache OpenOffice) with the release of LibreOffice 7.0.5/7.1.1 and Apache OpenOffice 4.1.1. Real-time exploitation of such a flaw could allow signing sensitive documents falsely without detection.įollowing the bug reports, both LibreOffice and OpenOffice officials started working to address the glitch. ![]() Then, the software would present it as a valid signature from a trusted party after failing to recognize the invalid algorithm. An adversary could spoof digital signatures in an ODF document via an invalid algorithm. ![]() This time, they found an improper certificate validation bug in both software. The researchers from the same university have also detailed Shadow Attacks earlier this year that would allow meddling with the digitally signed PDF files. Specifically, the vulnerability first caught the attention of researchers from Network and Data Security (NDS) at the Ruhr-University Bochum. Nonetheless, the maintainers of both tools have patched the bug that triggered the security risk. OpenOffice is a now-discontinued open-source office suite, and LibreOffice is an open-source fork of it. ![]() Specifically, the vulnerability existed in OpenOffice and LibreOffice simultaneously, allowing signature spoofing. Recently, a severe vulnerability threatening the validity of digital signatures caught attention as the vendors addressed it. LibreOffice, OpenOffice Vulnerability Patched Exploiting the bug would allow an adversary to spoof digital signatures in signed documents as a valid signature. A severe security vulnerability affected two popular office tools LibreOffice and OpenOffice, allowing signature spoofing.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |