Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Apache OpenOffice Vulnerable To One-Click Code Execution

Written by Michael Larabel in Free Software on 4 May 2021 at 09:10 AM EDT. 50 Comments

FREE SOFTWARE

If you are still relying on Apache OpenOffice in 2021 you might want to really make it a goal this year to transition to the much more featureful LibreOffice, but in any case you'll want to move at least to OpenOffice 4.1.10.

Apache OpenOffice 4.1.10 was released today to address a vulnerability affecting all versions of OpenOffice. Due to the way Apache OpenOffice pre-4.1.10 handles non-HTTPS hyperlinks, it could lead to "1-click" untrusted code execution.

This one-click code execution vulnerability affects OpenOffice on Windows, Linux, and macOS systems. With OpenOffice 4.1.10, a warning is now displayed when opening hyperlinks. It is believed this vulnerability has existed since the Sun Microsystems days when OpenOffice 2.0 was being developed in 2005.

More details on this OpenOffice vulnerability via Apache.org.

While LibreOffice has much of the spotlight when it comes to being the premiere open-source office suite these days, Apache notes that OpenOffice is still seeing up to 2.4 million downloads each month.

50 Comments

Related News

Tow-Boot 2023.07 U-Boot Distribution Released With New Board Support

Valkey Celebrates Its First Stable Release As Open-Source Redis Fork

Servo Driving Modularity To Support Different JavaScript Engines

Vim Lands XDG Base Directory Specification Support

OpenJPH 0.11 Works Toward Low-Latency High-Throughput JPEG-2000 (HTJ2K)

Dbus-Broker 36 Released For This Fastest D-Bus Implementation

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them

Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives

Fedora 41 Looks To "-O3" Optimizations For Its Python Build

Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver

APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More

KDE's KWin Merges Wayland Explicit Sync Support

Open-Source Radeon Driver Enables Support For Vulkan Video H.264/H.265 Encode

Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming