SB2021101111 - Multiple vulnerabilities in OpenOffice
Published: October 11, 2021
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Incorrect default permissions (CVE-ID: CVE-2021-28129)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions. The DEB package did not install using root, but instead used a userid and groupid of 500. A local user with the same identifier can escalate privileges on the system.
2) Buffer overflow (CVE-ID: CVE-2021-33035)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing dBase/DBF files. A remote attacker can create a specially crafted DBF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
3) XML Entity Expansion (CVE-ID: CVE-2021-40439)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to dependency on an old expat software version. A remote attacker can trick the victim to open a specially crafted ODF file and perform a denial of service (DoS) attack.
The vulnerability in expat is described as #VU42119 (CVE-2013-0340).
4) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2021-41831)
The vulnerability allows a remote attacker to perform a spoofing attack.
The
vulnerability exists due to incorrect signature verification. A remote
attacker can manipulate the timestamp of signed documents.
5) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2021-41832)
The vulnerability allows a remote attacker to perform a spoofing attack.
The
vulnerability exists due to incorrect signature verification. A remote
attacker can manipulate signed documents and macros to appear to come
from a trusted source.
6) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2021-41830)
The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to incorrect signature verification. A remote attacker can manipulate signed documents and macros to appear to come from a trusted source.
Remediation
Install update from vendor's website.
References
- https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b%40%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/rc9090ab48b4699494b63b35cd6d7414c52d665ecae12add3cdc56c9b@%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/r9e72234dd662280fa1a3cca6164d3470a1dbc0d8e53e48ba27f787ce@%3Cannounce.apache.org%3E
- http://www.openwall.com/lists/oss-security/2021/10/07/5
- https://github.com/apache/openoffice/commit/efddaef0151af3be16078cc4d88c6bae0f911e56#diff-ea66e734dd358922aba12ad4ba39c96bdc6cbde587d07dbc63d04daa0a30e90f
- https://lists.apache.org/thread.html/r929c0c6a53cad64a1007b878342756badbb05ddd9b8f31a6d0b424cb@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r1ab8532e11f41bc7ca057ac7e39cab25f2e1f9d5f4929788ae21c8b9@%3Cusers.openoffice.apache.org%3E
- http://www.openwall.com/lists/oss-security/2021/10/07/3
- https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702@%3Cusers.openoffice.apache.org%3E
- http://www.openwall.com/lists/oss-security/2021/10/07/4
- https://lists.apache.org/thread.html/ra74d5057cdc781a36286a83e8bcbc90a7678f030ae73339c35dfc4f9%40%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E