Libreoffice has a remote code execution vulnerability (CVE-2018-16858) that can be exploited via macro/event execution. A malicious ODT document may be used to trigger the vulnerability CVE-2018-16858.
When we talk about Office vulnerabilities, Microsoft and its products were usually meant. Now it has hit the free Office version LibreOffice. The following tweet has just come to my attention.
— Catalin Cimpanu (@campuscodi) 1. Februar 2019
Someone took a look at LibreOffice and discovered a way to execute code remotely. Remote code execution is possible when a user opens a malicious ODT file and moves the mouse over the document. Then the code is executed without triggering a warning dialog.
This approach and the vulnerability are described in this blog post. The vulnerability is discussed in the context of Windows, but the vulnerability (CVE-2018-16858) can be exploited in the same way under Linux.
Tested LibreOffice version: 220.127.116.11 (6.0.x doesn’t allow parameter passing)
Tested operating systems: Windows + Linux (both affected)