According to Codean Labs, the first vulnerability originates from improper sanitization of user-supplied font names in OpenDocument XML files. An attacker can inject path traversal sequences into a document's font declarations, causing LibreOffice to write attacker-controlled .ttf files outside the designated temporary directory. The forced .ttf extension limits immediate code execution on a desktop, but on servers that convert untrusted documents the flaw enables server-side attacks by overwriting web application files or configuration scripts.

The second vulnerability abuses LibreOffice's handling of the vnd.sun.star.expand URI scheme, which performs recursive variable substitution. A crafted document can use manipulated URLs to extract environment variables, configuration files, or other secrets. Because the INI parser behind the scheme is lax, it also reads data out of files that are not INI files at all, such as .bash_history or SQLite databases. A proof-of-concept attack demonstrated the theft of WordPress password-reset tokens from Thunderbird emails, allowing account takeover.

Both flaws affect desktop users and server-side deployments alike, posing significant risk to enterprises and individuals relying on the open-source office suite. For enterprises, monitoring LibreOffice's file operations, for example with a host-based intrusion detection system (IDS), is critical, particularly on servers that render or convert documents received from untrusted sources.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.
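As an added example that is not part of the original article or of Codean Labs' research, the following Python scanner unpacks an OpenDocument package and flags the two abuse patterns described above: path-traversal sequences in style:font-face declarations and xlink:href values that use the vnd.sun.star.expand: scheme. Which font attribute LibreOffice actually derives the temporary file name from is not stated in the article, so the scanner checks both style:name and svg:font-family as an assumption. The sample document it builds is constructed inline for the demonstration, and the expand URI inside it is illustrative only; the real substitution syntax is not reproduced here.

```python
"""Flag suspicious font declarations and vnd.sun.star.expand links in an ODF package.
Added example; not code from the article, LibreOffice, or Codean Labs."""
import io
import re
import zipfile
import xml.etree.ElementTree as ET

STYLE_NS = "urn:oasis:names:tc:opendocument:xmlns:style:1.0"
SVG_NS = "urn:oasis:names:tc:opendocument:xmlns:svg-compatible:1.0"
XLINK_NS = "http://www.w3.org/1999/xlink"

FONT_FACE = f"{{{STYLE_NS}}}font-face"
# Assumption: either of these attributes could feed the temp-file name.
FONT_ATTRS = (f"{{{STYLE_NS}}}name", f"{{{SVG_NS}}}font-family")
XLINK_HREF = f"{{{XLINK_NS}}}href"

# Anything that lets a file name leave the intended directory: a parent
# reference, an absolute POSIX or Windows path, or an embedded NUL byte.
TRAVERSAL = re.compile(r"\.\.[\\/]|^[\\/]|^[A-Za-z]:[\\/]|\x00")
EXPAND_SCHEME = re.compile(r"^\s*vnd\.sun\.star\.expand:", re.IGNORECASE)


def font_name_is_suspicious(name: str) -> bool:
    """True if a font name could escape the font temp directory."""
    # svg:font-family values are usually quoted, e.g. "'Liberation Serif'".
    return bool(TRAVERSAL.search(name.strip().strip("'\"")))


def uri_is_expand(uri: str) -> bool:
    """True if a link uses the recursive-substitution expand scheme."""
    return bool(EXPAND_SCHEME.match(uri))


def scan_xml_part(part_name: str, data: bytes):
    """Return (part, kind, value) findings for one XML part of the package."""
    findings = []
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return [(part_name, "unparseable-xml", "")]
    for el in root.iter():
        if el.tag == FONT_FACE:
            for attr in FONT_ATTRS:
                value = el.get(attr)
                if value and font_name_is_suspicious(value):
                    findings.append((part_name, "font-path-traversal", value))
        href = el.get(XLINK_HREF)
        if href and uri_is_expand(href):
            findings.append((part_name, "expand-uri", href))
    return findings


def scan_odf(package_bytes: bytes):
    """Scan every XML part of an ODF zip (content.xml, styles.xml, ...)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as zf:
        for info in zf.infolist():
            if info.filename.lower().endswith(".xml"):
                findings.extend(scan_xml_part(info.filename, zf.read(info.filename)))
    return findings


def build_sample_odt(font_name: str, href: str) -> bytes:
    """Construct a minimal ODT package (constructed sample, not a real document)."""
    content = f"""<?xml version="1.0" encoding="UTF-8"?>
<office:document-content xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
  xmlns:style="{STYLE_NS}" xmlns:svg="{SVG_NS}" xmlns:xlink="{XLINK_NS}"
  xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0">
  <office:font-face-decls>
    <style:font-face style:name="Liberation Serif" svg:font-family="'Liberation Serif'"/>
    <style:font-face style:name="{font_name}" svg:font-family="'{font_name}'"/>
  </office:font-face-decls>
  <office:body><office:text>
    <text:p><text:a xlink:type="simple" xlink:href="{href}">link</text:a></text:p>
  </office:text></office:body>
</office:document-content>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.text")
        zf.writestr("content.xml", content)
    return buf.getvalue()


if __name__ == "__main__":
    # Hypothetical hostile values: a traversal font name and an expand link.
    doc = build_sample_odt("../../../var/www/html/x",
                           "vnd.sun.star.expand:$HOME/.bash_history")
    for finding in scan_odf(doc):
        print(finding)
```

Run this over documents before handing them to a server-side conversion job; any finding is grounds to reject the file rather than convert it. For production use, parse with defusedxml instead of xml.etree to avoid entity-expansion tricks in the scanner itself, and extend the href check to the manifest and styles parts, which this example handles only because it scans every .xml entry in the package.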
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 18 Feb 2025 07:40:06 +0000