Dismiss this notice
Ashampoo Photo Optimizer 7 New Year 2019 Giveaway-https://www.geeks.fyi/showthread.php?tid=4948

Dismiss this notice
MakeUSLaugh_HitmanPro.Alert New Year 2019 Giveaway- https://www.geeks.fyi/showthread.php?tid=4946

Dismiss this notice
Ashampoo Burning Studio 20 New Year 2019 Giveaway- https://www.geeks.fyi/showthread.php?tid=4947

Dismiss this notice
PowerISO New Year 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5170


Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch
#1
Quote:A micropatch is now available for a zero-day OpenOffice code execution vulnerability which can be triggered via automated macro execution following a mouseover event when viewing a maliciously crafted ODT document.

Using an exploit for this zero-day vulnerability, potential attackers can issue a directory traversal attack against users of all versions of OpenOffice and all LibreOffice releases up to and including 6.0.6/6.1.2.1.

However, the OpenOffice 0day which is currently tracked as CVE-2018-16858 and received a CVSS3 Base Score of 7.8 from Red Hat, has been fixed by The Document Foundation in the LibreOffice 6.0.7/6.1.3 release after receiving a report from security researcher Alex Inführ who discovered the issue.

The researcher also created and published a Proof-of-Concept for CVE-2018-16858 in the form of a FODT extension which he also uploaded to the VirusTotal malware scanning service.

According to Inführ, the OpenOffice zero-day vulnerability impacts LibreOffice because of "a feature where documents can specify that pre-installed macros can be executed on various document events such as mouse-over" as detailed in the Directory traversal flaw in script execution advisory published by The Document Foundation on February 1.

SOURCE: https://www.bleepingcomputer.com/news/se...icropatch/
[-] The following 2 users say Thank You to silversurfer for this post:
  • darktwilight, harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Latest Threads
Marriott now lets you check if you’re a ...
Last Post: Toligo
Today 23:01
» Replies: 0
» Views: 15
How AI and machine learning can help you...
Last Post: Toligo
Today 22:58
» Replies: 0
» Views: 31
Five emerging cybersecurity threats you ...
Last Post: Toligo
Today 22:51
» Replies: 0
» Views: 22
Twitter has been storing your ‘deleted’ ...
Last Post: Toligo
Today 22:48
» Replies: 0
» Views: 14
Ransomware attackers exploit old plug-in...
Last Post: Toligo
Today 22:45
» Replies: 0
» Views: 18
Using Machine Learning to Detect Malware...
Last Post: Toligo
Today 22:44
» Replies: 0
» Views: 35
G DATA Security Blog_DeepRay foils cyber...
Last Post: jasonX
Today 18:34
» Replies: 0
» Views: 27
G DATA Security Blog_Emotet: G DATA expl...
Last Post: jasonX
Today 18:31
» Replies: 0
» Views: 26
G DATA Antivirus Software 2019
Last Post: jasonX
Today 18:23
» Replies: 0
» Views: 9
The hacking strategies that will dominat...
Last Post: Toligo
Today 17:37
» Replies: 0
» Views: 23
PC Game Giveaway: EMMA The Story
Last Post: sinanogz
Today 15:26
» Replies: 0
» Views: 28
Microsoft Edge, Google Chrome Will Be Ab...
Last Post: silversurfer
Today 10:15
» Replies: 0
» Views: 34
Google working on new Chrome security fe...
Last Post: silversurfer
Today 10:10
» Replies: 0
» Views: 35
[Official] MakeUSLaugh_HitmanPro.Alert N...
Last Post: jasonX
Today 07:17
» Replies: 14
» Views: 1056
Sandboxie updates
Last Post: silversurfer
Yesterday 22:32
» Replies: 3
» Views: 394
Mozilla to harden Firefox defenses with ...
Last Post: Toligo
Yesterday 22:21
» Replies: 2
» Views: 31
Vox Media targets YouTuber that parodied...
Last Post: Toligo
Yesterday 22:18
» Replies: 0
» Views: 37
Bank of Valleta Shuts Down Their Service...
Last Post: Toligo
Yesterday 22:06
» Replies: 0
» Views: 37
Coffee Meets Bagel Dating App Warns User...
Last Post: Toligo
Yesterday 22:01
» Replies: 0
» Views: 34
Astaroth Trojan Exploits Antivirus Softw...
Last Post: Toligo
Yesterday 21:54
» Replies: 0
» Views: 37

[-]
Staffs Online
harlan4096's profile harlan4096
Administrator