4 matches found
RCE in LibreOffice and OpenOffice via the Apache UNO API
LibreOffice and OpenOffice are vulnerable to RCE via the Apache UNO API if either program is running as a listener on the host machine. Recent assessments: space-r7 at September 12, 2019 6:07pm UTC reported: Details The soffice binary allows passing arguments in order to listen on a host ip and...
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution Exploit
""" Exploit Title: Apache UNO API RCE Exploit Author: sud0woodo Vendor Homepage: https://www.apache.org/ Software Link: https://www.openoffice.org/api/ Version: LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 but really any version with the UNO API included Tested on: Ubuntu Mate 18.04 with kernel...
Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code Execution
Apache UNO LibreOffice Version: 6.1.2 OpenOffice 4.1.6 API - Remote Code Execution """ Exploit Title: Apache UNO API RCE Date: 2018-09-18 Exploit Author: sud0woodo Vendor Homepage: https://www.apache.org/ Software Link: https://www.openoffice.org/api/ Version: LibreOffice Version: 6.1.2 /...
Apache UNO API Remote Code Execution Vulnerability
When Apache OpenOffice and LibreOffice are spawn as an office server, they bind an Apache UNO API that allows for remote code execution. Dear reader, I am not sure if I am contacting through the right email address but someone said I should e-mail you guys. I found an RCE functionality in the...