oss-sec mailing list archives
CVE-2021-41830: Apache OpenOffice: Double Certificate Attack
From: Dave Fisher <wave () apache org>
Date: Mon, 11 Oct 2021 03:04:14 +0000
Severity: high Description: It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory. Credit: Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany
Current thread:
- CVE-2021-41830: Apache OpenOffice: Double Certificate Attack Dave Fisher (Oct 11)