Apache Releases Security Update for Vulnerability Affecting Apache OpenOffice
This high severity vulnerability could allow an attacker to execute arbitrary code execution on an affected system
Summary
This high severity vulnerability could allow an attacker to execute arbitrary code execution on an affected system
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Apache have released security updates addressing a high vulnerability in Apache OpenOffice.
The vulnerability designated CVE-2023-47804 has a CVSSv3 score of 8.8. This vulnerability affects OpenOffice documents containing links that call internal macros with arbitrary arguments. An attacker could exploit this vulnerability by executing certain links which do not require user approval to perform arbitrary code execution.
Proof-of-concept available
Proof-of-concept exploit code is available for CVE-2023-47804.
Remediation advice
Affected organisations are encouraged to review the Apache Security Update and apply any relevant updates.
Definitive source of threat updates
Last edited: 9 January 2024 12:20 pm