Apache OpenOffice can be hijacked by malicious documents, fix still in beta
1 min read
Sep 21, 2021
Apache OpenOffice (AOO) is currently vulnerable to a remote code execution vulnerability (CVE-2021-33035) recently discovered by security researcher Eugene Lim, and while the app's source code has been patched, the fix has only been made available as beta software and awaits an official release.
That means that most people running the open source office suite, which has been downloaded hundreds of millions of times and was last updated in May, probably have vulnerable versions of the software.
On Saturday, September 18, security researcher Eugene Lim revealed details about the vulnerability (CVE-2021-33035) at HackerOne's Hacktivity online conference after an August 30 public disclosure date came and went without the fix being fully deployed.
Related Articles
1 - 0 min read
New DDoS Malware Puts Apache Servers at Risk
1 - 0 min read
Severe Chromium DoS, Info Disclosure Vulns Fixed
1 - 0 min read
Multiple Severe, Remotely Exploitable Chromium Vulns Fixed
1 - 0 min read
Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!
