Top
image credit: Pexels

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

October 12, 2021

Via: The Hacker News
Category:

The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source.

The list of the three flaws is as follows —

  • CVE-2021-41830 / CVE-2021-25633 – Content and Macro Manipulation with Double Certificate Attack
  • CVE-2021-41831 / CVE-2021-25634 – Timestamp Manipulation with Signature Wrapping
  • CVE-2021-41832 / CVE-2021-25635 – Content Manipulation with Certificate Validation Attack

Read More on The Hacker News

RELATED PUBLICATIONS

Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector
Google Patches Exploited Pixel Vulnerabilities
Multiple XSS flaws in Joomla can lead to remote code execution

Latest Publications

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 
U.S. and Australian police arrested Firebird RAT author and operator
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!