LibreOffice Macro Malware
You think open-source developers at LibreOffice would have learned the lessons from it's paid brethren, but LibreOffice has the same vulnerability as Word Marcos and PDF Macros that plagued the universe for the last 10 yrs.
Microsoft has cleaned up its act for the most part, but Adobe Acrobat Reader is still vulnerable to PDF with malware macros. https://www.microsoft.com/security/blog/2017/01/26/phishers-unleash-simple-but-effective-social-engineering-techniques-using-pdf-attachments/
List of Current PDF Exploits : http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf
LibreOffice was a fork of OpenOffice.org and is built on the original OpenOffice.org code base, and that is also subject to malicious attacks.
LibreOffice Malware Proof of Concept (POC)
You think open-source developers at LibreOffice would have learned the lessons from it's paid brethren, but LibreOffice has the same vulnerability as Word Marcos and PDF Macros that plagued the universe for the last 10 yrs.
Microsoft has cleaned up its act for the most part, but Adobe Acrobat Reader is still vulnerable to PDF with malware macros. https://www.microsoft.com/security/blog/2017/01/26/phishers-unleash-simple-but-effective-social-engineering-techniques-using-pdf-attachments/
List of Current PDF Exploits : http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf
LibreOffice Malware Proof of Concept (POC)
LibreOffice is shipped by default with LibreLogo, a macro to programmable move a turtle vector graphic. To move the turtle, LibreLogo executes custom script code that is internally translated to python code and executed. The big problem here is that the code in not translated well and just supplying python code as the script code often results in the same code after translation.
This has an official code execution vulnerability number CVE-2019-9848.
Here's a PDF Macro Malware POC with code
No comments:
Post a Comment