{"id":8631,"date":"2019-02-16T00:44:00","date_gmt":"2019-02-15T23:44:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8631"},"modified":"2019-02-15T10:02:47","modified_gmt":"2019-02-15T09:02:47","slug":"openoffice-and-libreoffice-vulnerability-cve-2018-16858","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/02\/16\/openoffice-and-libreoffice-vulnerability-cve-2018-16858\/","title":{"rendered":"OpenOffice- and LibreOffice Vulnerability CVE-2018-16858"},"content":{"rendered":"

[German<\/a>]There is a micro patch for the 0-day vulnerability CVE-2018-16858 in OpenOffice. And for the vulnerability (patched in LibreOffice by an update) there is a Proof of Concept (PoC).<\/p>\n

<\/p>\n

LibreOffice RCE vulnerability CVE-2018-16858<\/h2>\n

\"\"In LibreOffice (and OpenOffice) there is a remote code execution vulnerability CVE-2018-16858, which I had briefly addressed in the blog post Remote Code Execution vulnerability in LibreOffice<\/a>. This vulnerability has been fixed in LibreOffice 6.0.7\/6.1.3 as you can read in this LibreOffice document<\/a>. Now John Lambert from Microsoft Threat Intelligence Center points out a Proof of Concept (PcC) to exploit the vulnerability (in LibreOffice and OpenOffice)<\/p>\n

\n

Use LibreOffice? You might be interested in this PoC for CVE-2018-16858 (discovered by @insertScript<\/a>) uploaded to VT as LibreOfficeExploit.fodt.<\/p>\n

https:\/\/t.co\/4RoJGRgyWa<\/a>
https:\/\/t.co\/PFaaoC4AnC<\/a>
https:\/\/t.co\/FiikekzOOZ<\/a> pic.twitter.com\/RNHP9NKV2s<\/a><\/p>\n

\u2014 John Lambert (@JohnLaTwC) 5. Februar 2019<\/a><\/p><\/blockquote>\n