Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Hackers Can Exploit LibreOffice Flaw With RTF Files

The developers of the open source office suite LibreOffice informed users this week that they have patched a vulnerability which could allow attackers to execute arbitrary code using specially crafted RTF files.

The developers of the open source office suite LibreOffice informed users this week that they have patched a vulnerability which could allow attackers to execute arbitrary code using specially crafted RTF files.

The vulnerability, found by Cisco Talos researchers and tracked as CVE-2016-4324, affects the RTF parser in LibreOffice. The flaw can be exploited with an RTF document that contains both a stylesheet and a superscript token.

“A specially crafted RTF document containing both a stylesheet and superscript element causes LibreOffice to access an invalid pointer referencing previously used memory on the heap. By carefully manipulating the contents of the heap, this vulnerability can be able to be used to execute arbitrary code,” Cisco said.

The attacker needs to somehow trick the targeted individual into opening a malicious RTF file in order to trigger the exploit. It’s not uncommon for cybercriminals to exploit RTF parser vulnerabilities in Microsoft Office to deliver malware and this flaw shows that such attacks are also possible against LibreOffice users.

The issue has been addressed with the release of LibreOffice 5.1.4. Cisco says there is no evidence that this vulnerability has been exploited in the wild, but users are advised to update their installations to protect themselves against potential attacks.

The developers of various Linux distributions are also analyzing the issue and some have already released package updates to patch the flaw.

This is the third vulnerability confirmed by LibreOffice developers this year. In February, The Document Foundation informed users that researchers from VeriSign’s iDefense Labs had identified a couple of memory corruption bugs that could have been exploited to cause a denial-of-service (DoS) condition using specially crafted Lotus Word Pro files.

Cisco Talos researchers recently identified flaws in many popular products, including the chat client PidginTrane thermostats, and the Lhasa, Libarchive and 7-Zip archivers.

Advertisement. Scroll to continue reading.

Related Reading: Cisco Finds Backdoor Installed on 12 Million PCs

Related Reading: 3.2 Million Devices Exposed to Ransomware Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

Merlin Ventures has appointed cybersecurity executive Andrew Smeaton as the firm’s CISO-in-Residence.

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

More People On The Move

Expert Insights