Bug Bounty

All about electronic devices security
http://bugbounty.com.au/

XML External Entity Expansion Vulnerability in the openoffice.org library

http://bugbounty.com.au/viewtopic.php?t=176

Page 1 of 1

XML External Entity Expansion Vulnerability in the openoffice.org library

Posted: Mon Oct 14, 2024 6:40 am
by Shane1145
openoffice.org is vulnerable to XML External Entity expansion. If OpenOffice.org were to open a specially-crafted file (such as an OpenDocument Format or OpenDocument Presentation file), it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org.

https://sca.analysiscenter.veracode.com ... 05/summary
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited