Skip to main content

Apache Releases Security Update for Vulnerability Affecting Apache OpenOffice

This high severity vulnerability could allow an attacker to execute arbitrary code execution on an affected system 

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

This high severity vulnerability could allow an attacker to execute arbitrary code execution on an affected system 


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

Apache have released security updates addressing a high vulnerability in Apache OpenOffice.

The vulnerability designated CVE-2023-47804 has a CVSSv3 score of 8.8. This vulnerability affects OpenOffice documents containing links that call internal macros with arbitrary arguments. An attacker could exploit this vulnerability by executing certain links which do not require user approval to perform arbitrary code execution.

Proof-of-concept available

Proof-of-concept exploit code is available for CVE-2023-47804.


Remediation advice

Affected organisations are encouraged to review the Apache Security Update and apply any relevant updates.



Last edited: 9 January 2024 12:20 pm