Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A flaw in LibreOffice could allow the hack of your PC

LibreOffice users have to know that their unpatched computers could be hacked by simply opening a specially crafted document. Bad news for LibreOffice users, the popular free and open-source office suite is affected by an unpatched remote code execution vulnerability Recently, LibreOffice released the latest version 6.2.5 that addresses two severe flaws tracked as CVE-2019-9848 and CVE-2019-9849. […]

LibreOffice OpenOffice

LibreOffice users have to know that their unpatched computers could be hacked by simply opening a specially crafted document.

Bad news for LibreOffice users, the popular free and open-source office suite is affected by an unpatched remote code execution vulnerability

Recently, LibreOffice released the latest version 6.2.5 that addresses two severe flaws tracked as CVE-2019-9848 and CVE-2019-9849.

The fix CVE-2019-9849 did not completely address the security researcher Alex Inführ explained hot to bypass it.

Below the description for the vulnerability CVE-2019-9848 published by the NIS National Vulnerability Database.

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning.” reads the security advisory.

Alex Inführ did not disclose technical details about the technique he devised to bypass the fix but confirmed via Twitter that he was able to successfully exploit it in the latest LibreOffice version 6.2.5

The flaw resides in LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice. LibreLogo allows users to specify pre-installed scripts in a document that can be executed when some events occur.

The vulnerability can be exploited by attackers using specially crafted malicious LibreOffice document files that can result in the silent execution of arbitrary python commands without displaying any warning to the victim.

The vulnerability was first discovered by security expert Nils Emmerich that described the issue with the following statement:

LibreOffice is shipped by default with LibreLogo, a macro to programmable move a turtle vector graphic. To move the turtle, LibreLogo executes custom script code that is internally translated to python code and executed.” wrote the expert. “The big problem here is that the code in not translated well and just supplying python code as the script code often results in the same code after translation.”

The expert explained that using forms and OnFocus event, it is even possible to execute arbitrary code when the document is opened, without the need for a mouse-over event. The expert also published a proof-of-concept for this attack.

LibreOffice

Waiting for final fix users are recommended to uninstall the LibreLogo component.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – LibreOffice, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]