Severity: Moderate

Affected versions:
- Apache OpenOffice through 4.1.15

Description:
An attacker can craft an ODB containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

There are no known exploits of this vulnerability.
A proof-of-concept demonstration exists.

Thanks to the reporter for discovering this issue.

Credit:
The Apache OpenOffice Security Team would like to thank Gregor Kopf of Secfault Security GmbH (Germany) for discovering and reporting this attack vector and Fred Toussi for kindly providing a solution to this issue within HSQLDB.

References:
https://openoffice.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-1183

--
Arrigo
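A triage check for the condition described above, as an added example that is not part of the advisory and is not Apache OpenOffice or HSQLDB code: it opens a database document as a ZIP archive and reports every line of "database/script" whose first keyword is SCRIPT. The function names, the one-statement-per-line assumption, the case-insensitive member-name match and the sample archives are assumptions made for this example.

```python
import io
import re
import zipfile

SCRIPT_MEMBER = "database/script"  # member name given in the advisory
# Assumption: one statement per line, so the first keyword identifies it.
SCRIPT_CMD = re.compile(r"^\s*SCRIPT\b", re.IGNORECASE)


def find_script_commands(odb_bytes, max_size=16 * 1024 * 1024):
    """Return (line_number, text) for each SCRIPT command in database/script."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(odb_bytes)) as archive:
        # Walk every entry: an archive may carry duplicate member names.
        for info in archive.infolist():
            # Conservative match: normalise separators and case.
            name = info.filename.replace("\\", "/").lower()
            if name != SCRIPT_MEMBER:
                continue
            if info.file_size > max_size:
                raise ValueError("database/script exceeds the scan limit")
            text = archive.read(info).decode("utf-8", errors="replace")
            for number, line in enumerate(text.splitlines(), start=1):
                if SCRIPT_CMD.match(line):
                    hits.append((number, line.strip()))
    return hits


def build_sample(script_text):
    """Build a constructed in-memory archive that mimics the ODB layout."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("database/properties", "constructed=true\n")
        archive.writestr(SCRIPT_MEMBER, script_text)
    return buffer.getvalue()


# Constructed sample inputs, not taken from any real document.
BENIGN = build_sample("CREATE SCHEMA PUBLIC AUTHORIZATION DBA\nSET WRITE_DELAY 60\n")
SUSPECT = build_sample(
    "CREATE SCHEMA PUBLIC AUTHORIZATION DBA\nSCRIPT 'constructed-placeholder'\n"
)

if __name__ == "__main__":
    for label, data in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, find_script_commands(data))
```

A non-empty result is a reason to quarantine the document and inspect it by hand before it is opened in an affected version.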