openoffice-announce mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <orc...@apache.org>
Subject Fixed in AOO 4.1.2: CVE-2015-4551 Targeted Data Disclosure
Date Mon, 13 Jun 2016 20:33:00 GMT
Republished without change.  This advisory, originally posted 
on 2015-11-04, died in a moderation queue and did not reach 
the list.  The announce@openoffice.apache.org is the official 
mailing list for Apache OpenOffice security advisories, as 
specified at <http://www.openoffice.org/security/alerts.html>. 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



                  NOTICE: APACHE OPENOFFICE SECURITY ADVISORY

                    CVE-2015-4551: TARGETED DATA DISCLOSURE

                        FIXED IN APACHE OPENOFFICE 4.1.2

CVE-2015-4551
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-4551>
Apache OpenOffice Advisory
<https://www.openoffice.org/security/cves/CVE-2015-4551.html>

Title: Targeted Data Disclosure

Version 1.0
Announced 2015-11-04

    A vulnerability in OpenOffice settings of OpenDocument Format
    files and templates allows silent access to files that are
    readable from an user account, over-riding the user's default
    configuration settings.  Once these files are imported into a
    maliciously-crafted document, the data can be silently hidden
    in the document and possibly exported to an external party
    without being observed.

Severity: Important

    There are no known exploits of this vulnerability.
    A proof-of-concept demonstration exists.

Vendor: The Apache Software Foundation

Versions Affected:

    All Apache OpenOffice versions 4.1.1 and older are affected.
    OpenOffice.org versions are also affected.

Related

    CVE-2014-3575
        <https://www.openoffice.org/security/cves/CVE-2014-3575.html>
    CVE-2012-0037
        <https://www.openoffice.org/security/cves/CVE-2012-0037.html>

Mitigation

    Apache OpenOffice users are urged to download and install Apache
    OpenOffice version 4.1.2 or later.

    Apache OpenOffice 4.1.2 mitigates this vulnerability by ignoring
    in-document settings that over-ride default behavior when accessing
    data beyond the document itself.  The automatic default behavior
    is changed to make such access evident to the user, who must then
    approve the access.

Nature of Attack

    This vulnerability requires an exquisitely crafted attack to
    locate targeted files, silently retrieve them, and then deliver
    their data in a manner that escapes notice.  Knowledge of the
    user's system and specific configuration is generally required.

Precautions

    In addition to keeping Apache OpenOffice updated, users can reduce 
    the threat of this kind of data access from ODF documents.  Keep 
    documents and sensitive materials separate from common,
    predictable locations, including on networks.  Require
    additional access permissions for access to sensitive materials 
    even when operating under the user's normal account.

Further Information

    For additional information and assistance, consult the Apache
    OpenOffice Community Forums, <https://forum.openoffice.org/>,
    or make requests to the <mailto:users@openoffice.apache.org>
    public mailing list.

    The latest information on Apache OpenOffice security bulletins
    can be found at <http://www.openoffice.org/security/bulletin.html>.

Credits

    The Apache OpenOffice security team thanks Federico "fox" Scrinzi
    for reporting the defect and Stephan Bergmann of Red Hat for
    analysis and a repair solution.

PGP key Fingerprint 04D0 4322 979B 84DE 1077 0334 F96E 89FF D456 628A
        <https://people.apache.org/keys/committer/orcmid.asc>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJWOpZCAAoJEPluif/UVmKKrI4H/0NqbgMzqfEVjXyFla2yjVKK
DAHXd6/LlVTggSDWJxnUnBEqGbZH3Jchm9WNzAym9j1uuAU/XTHQdZr5OU0JAh6w
W+9WcEvXSAUUx0eY+FZIZKAAinmSb9ITn5QjVnmYO7RDAULrl5/tC3TrVYbhPzdY
8cAzx0gy38HArFqJA/Gn89q25w5/1UwrO8rwQE9JmgCeAXiUFCbiurGxpqJxa9YI
oo/pgs9CJfRVu6riRc2Sdglbc4g4gy9zip7F8lxa8diaJOA8ZGkxwNnIDUbX3jTH
VVQ9ws6bQQzup7eLvV/LSdohGosWcOU2VM0mp3D8JIwq5TF5i7KBQmFFyC595k4=
=gVz2
-----END PGP SIGNATURE-----





Mime
View raw message