Vigil@nce - LibreOffice: macro execution
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to open a malicious document
with LibreOffice, in order to execute code.
Impacted products: Fedora, LibreOffice, openSUSE, Ubuntu
Severity: 2/4
Creation date: 23/06/2014
DESCRIPTION OF THE VULNERABILITY
The LibreOffice product offers a web service.
Users can disable macros. However, some macros are still executed.
An attacker can therefore invite the victim to open a malicious
document with LibreOffice, in order to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/LibreOffice-macro-execution-14925