Skip to main content
Customer Support Customer Support

OpenOffice Vulnerable to Remote Code Execution, LibreOffice Patched

  • February 5, 2019
  • 3 replies
  • 0 views
Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54
February 5, 2019, By Sergiu Gatlan


OpenOffice is exposed to a remote code execution vulnerability that can be triggered using automated macro execution when users move the mouse over a maliciously crafted ODT document.

The security issue affects all versions of OpenOffice, as well as all LibreOffice releases up to and including 6.0.6/6.1.6. The bug was patched by The Document Foundation in LibreOffice 6.0.7/6.1.3 after receiving a report from security researcher Alex Inführ.

However, at the time this article was published, OpenOffice 4.1.6 (the latest version​​​​​) is still vulnerable.

Full Article.
    Baldrick
    Ssherjj
    TripleHelix

    3 replies

    NicCrockett
    Popular Voice
    Forum|alt.badge.img+28
    • NicCrockett
    • Popular Voice
    • February 5, 2019
    Didn't they discontinue OpenOffice and fork LibreOffice off of it? LibreOffice is now the leader in open source office software, i.e. Microsoft Office competitor. Correct me if I'm misremembering, it's been several years since that went down, so I could be.
    NicCrockett | NicCrockett.me
    Ssherjj
    Jasper_The_Rasper
    Moderator
    Forum|alt.badge.img+54
    Didn't they discontinue OpenOffice and fork LibreOffice off of it? LibreOffice is now the leader in open source office software, i.e. Microsoft Office competitor. Correct me if I'm misremembering, it's been several years since that went down, so I could be.

    I have just done a very quick search and it appears that it is now Apache Open Office and has been 2011.
    LibreOffice was forked from OpenOffice in 2010.
    Ssherjj
    NicCrockett
    Popular Voice
    Forum|alt.badge.img+28
    • NicCrockett
    • Popular Voice
    • February 6, 2019

    Didn't they discontinue OpenOffice and fork LibreOffice off of it? LibreOffice is now the leader in open source office software, i.e. Microsoft Office competitor. Correct me if I'm misremembering, it's been several years since that went down, so I could be.I have just done a very quick search and it appears that it is now Apache Open Office and has been 2011.
    LibreOffice was forked from OpenOffice in 2010.

    You're correct that it's now Apache OpenOffice. However, if you look at their release cycle, they rarely put out an update.

    • 4.1.6 - 11/18/2018
    • 4.1.5 - 10/19/2017
    • 4.1.4 - 11/28/2016
    Compared to LibreOffice, which puts out an update once or twice a month since 2011. You'll forgive me for not typing theirs out, but you can find it here.
    NicCrockett | NicCrockett.me
    Jasper_The_Rasper
    Ssherjj
    Terms & ConditionsAccessibility statement