This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/openoffice-org.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new e1bcd038a4 git-site-role commit from copy_staging.sh
e1bcd038a4 is described below

commit e1bcd038a4904fe12af3d8e8e29e569402cd643c
Author: jenkins <[email protected]>
AuthorDate: Tue Nov 11 22:17:09 2025 +0000

    git-site-role commit from copy_staging.sh
---
 content/feed.xml                          |  4 +-
 content/security/bulletin.html            | 12 ++++++
 content/security/cves/CVE-2025-64401.html | 61 +++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64402.html | 60 ++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64403.html | 60 ++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64404.html | 60 ++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64405.html | 60 ++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64406.html | 59 ++++++++++++++++++++++++++++++
 content/security/cves/CVE-2025-64407.html | 61 +++++++++++++++++++++++++++++++
 9 files changed, 435 insertions(+), 2 deletions(-)

diff --git a/content/feed.xml b/content/feed.xml
index 6356f9f314..9357f8caa2 100644
--- a/content/feed.xml
+++ b/content/feed.xml
@@ -6,8 +6,8 @@
     <atom:link href="http://localhost:8820/feed.xml"; rel="self" 
type="application/rss+xml" />
     <description>OpenOffice.org Feed</description>
     <language>en-us</language>
-    <pubDate>Tue, 11 Nov 2025 13:32:59 +0000</pubDate>
-    <lastBuildDate>Tue, 11 Nov 2025 13:32:59 +0000</lastBuildDate>
+    <pubDate>Tue, 11 Nov 2025 22:01:44 +0000</pubDate>
+    <lastBuildDate>Tue, 11 Nov 2025 22:01:44 +0000</lastBuildDate>
     
 
   </channel> 
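Review bot: The `atom:link rel="self"` in the context lines at the top of this hunk advertises `http://localhost:8820/feed.xml`, a local staging address, in a file that is being pushed to the published `asf-site` branch. Feed readers use the self link to identify and re-fetch the feed, so the build that generates `feed.xml` should be given the public site URL before the output is copied. The only change in this hunk is the `pubDate`/`lastBuildDate` bump.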
diff --git a/content/security/bulletin.html b/content/security/bulletin.html
index 627c87062b..f6a25a9887 100644
--- a/content/security/bulletin.html
+++ b/content/security/bulletin.html
@@ -38,6 +38,18 @@
     subscribe to our <a href="alerts.html">security-alerts mailing 
list</a>.</strong>
   </p>
 
+  <h3>Fixed in Apache OpenOffice 4.1.16</h3>
+
+  <ul>
+    <li><a href="cves/CVE-2025-64401.html">CVE-2025-64401</a>: Remote 
documents loaded without prompt via IFrame.</li>
+    <li><a href="cves/CVE-2025-64402.html">CVE-2025-64402</a>: Remote 
documents loaded without prompt via OLE objects.</li>
+    <li><a href="cves/CVE-2025-64403.html">CVE-2025-64403</a>: Remote 
documents loaded without prompt via "external data sources" in Calc.</li>
+    <li><a href="cves/CVE-2025-64404.html">CVE-2025-64404</a>: Remote 
documents loaded without prompt via background and bullet images.</li>
+    <li><a href="cves/CVE-2025-64405.html">CVE-2025-64405</a>: Remote 
documents loaded without prompt via DDE function.</li>
+    <li><a href="cves/CVE-2025-64406.html">CVE-2025-64406</a>: Possible memory 
corruption during CSV import.</li>
+    <li><a href="cves/CVE-2025-64407.html">CVE-2025-64407</a>: URL fetching 
can be used to exfiltrate arbitrary INI file values and environment 
variables.</li>
+  </ul>
+
   <h3>Fixed in Apache OpenOffice 4.1.15</h3>
 
   <ul>
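Review bot: The new 4.1.16 list gives no severity, so CVE-2025-64406 (an out-of-bounds write rated "Important" in its advisory page) reads the same as the six entries rated "Moderate". Consider listing it first or appending the severity to each item so that readers triaging from the bulletin see which fix matters most. The five "loaded without prompt" entries are otherwise consistent with the titles of their advisory pages.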
diff --git a/content/security/cves/CVE-2025-64401.html 
b/content/security/cves/CVE-2025-64401.html
new file mode 100644
index 0000000000..db9e4b30e4
--- /dev/null
+++ b/content/security/cves/CVE-2025-64401.html
@@ -0,0 +1,61 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64401</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64401";>CVE-2025-64401</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64401.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Remote documents 
loaded without prompt via IFrame</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice documents can contain links. A missing Authorization 
vulnerability in Apache OpenOffice allowed an attacker to craft a document that 
would cause external links to be loaded without prompt. In the affected 
versions of Apache OpenOffice, documents that used &ldquo;floating 
frames&rdquo; linked to external files would load the contents of those frames 
without prompting the user for permission to do so.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p>The LibreOffice suite reported this issue as CVE-2023-2255</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.<br />
+A proof-of-concept demonstration exists.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Amel 
Bouziane-Leblond for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#x6d;&#x61;i&#108;&#116;&#111;&#58;&#117;&#x73;&#101;&#114;&#115;&#64;&#111;&#x70;&#101;&#x6e;&#111;&#102;&#102;i&#x63;&#x65;&#46;&#x61;&#x70;&#97;&#99;&#x68;&#x65;.o&#x72;&#x67;">u&#x73;&#101;&#x72;s&#64;&#111;&#112;&#x65;&#110;&#111;f&#x66;&#x69;c&#101;&#46;a&#112;a&#99;&#x68;&#101;&#x2e;&#111;&#x72;&#103;</a>
 public  [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64401.html";>CVE-2025-64401</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
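Review bot: In the title paragraph, `font-size:largest` is not a valid CSS value (the keywords are `larger`, `x-large`, `xx-large` and so on), so browsers discard the declaration and the advisory title renders at body size, smaller than the "Fixed in" line below it that uses `font-size:larger`. Use `x-large` or a class from `ooo.css`. A smaller point: the sentence ending "as CVE-2023-2255" is missing its full stop.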
diff --git a/content/security/cves/CVE-2025-64402.html 
b/content/security/cves/CVE-2025-64402.html
new file mode 100644
index 0000000000..f77acaad13
--- /dev/null
+++ b/content/security/cves/CVE-2025-64402.html
@@ -0,0 +1,60 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64402</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64402";>CVE-2025-64402</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64402.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Remote documents 
loaded without prompt via OLE objects</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice documents can contain links. A missing Authorization 
vulnerability in Apache OpenOffice allowed an attacker to craft a document that 
would cause external links to be loaded without prompt. In the affected 
versions of Apache OpenOffice, documents that used &ldquo;OLE objects&rdquo; 
linked to external files would load the contents of those files without 
prompting the user for permission to do so.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.<br />
+A proof-of-concept demonstration exists.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Dawid Golunski, 
Doyensec LLC for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#109;&#97;&#x69;&#x6c;&#116;o&#x3a;&#117;&#x73;&#x65;&#x72;&#115;&#x40;&#111;&#112;&#101;&#x6e;&#111;f&#x66;&#105;&#x63;&#x65;&#x2e;&#x61;p&#x61;&#99;h&#101;&#46;&#x6f;&#114;g">&#x75;&#x73;&#101;&#x72;&#115;&#x40;op&#x65;&#110;&#x6f;&#102;f&#x69;&#99;&#x65;&#x2e;&#97;&#x70;a&#99;&#104;e&#46;&#x6f;r&#x67;</a>
 public mail [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64402.html";>CVE-2025-64402</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
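Review bot: The `<head>` loads `https://www.apachecon.com/event-images/snippet.js` from a different host with no `integrity` attribute, so whoever controls that script can rewrite the text of a security advisory as readers see it. For the pages under `security/cves/`, consider dropping the snippet from the template or serving a reviewed copy from the site's own origin. The same line appears in every advisory page added by this commit.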
diff --git a/content/security/cves/CVE-2025-64403.html 
b/content/security/cves/CVE-2025-64403.html
new file mode 100644
index 0000000000..d2825db082
--- /dev/null
+++ b/content/security/cves/CVE-2025-64403.html
@@ -0,0 +1,60 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64403</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64403";>CVE-2025-64403</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64403.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Remote documents 
loaded without prompt via "external data sources" in Calc</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice Calc spreadsheet can contain links to other files, in the 
form of &ldquo;external data sources&rdquo;. A missing Authorization 
vulnerability in Apache OpenOffice allowed an attacker to craft a document that 
would cause such links to be loaded without prompt.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.<br />
+A proof-of-concept demonstration exists.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Reginaldo Silva of 
ubercomp.com for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#109;a&#x69;&#x6c;&#116;&#111;&#x3a;&#x75;&#x73;e&#114;&#115;&#64;o&#x70;&#101;&#x6e;&#111;&#102;&#x66;&#x69;&#99;&#101;&#x2e;&#97;&#112;&#x61;&#99;&#104;&#x65;.&#111;&#114;g">&#x75;s&#101;&#114;&#x73;&#x40;&#111;&#112;&#x65;&#110;&#x6f;&#x66;&#x66;&#x69;&#99;&#101;&#x2e;&#x61;p&#x61;&#99;&#104;&#x65;&#46;&#111;r&#103;<
 [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64403.html";>CVE-2025-64403</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
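Review bot: The description opens with "Apache OpenOffice Calc spreadsheet can contain links", which needs a plural ("Calc spreadsheets can contain links"). Unlike the sibling advisories it also stops at "loaded without prompt" without saying that the linked content is fetched without asking the user for permission, so a sentence matching the others would make the impact clearer. The generic "Thanks to the reporter for discovering this issue." line duplicates the named credit under Acknowledgements and could be dropped.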
diff --git a/content/security/cves/CVE-2025-64404.html 
b/content/security/cves/CVE-2025-64404.html
new file mode 100644
index 0000000000..231022e420
--- /dev/null
+++ b/content/security/cves/CVE-2025-64404.html
@@ -0,0 +1,60 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64404</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64404";>CVE-2025-64404</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64404.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Remote documents 
loaded without prompt via background and bullet images</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice documents can contain links to other files. A missing 
Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a 
document that would cause external links to be loaded without prompt. In the 
affected versions of Apache OpenOffice, documents that used background fill 
images, or bullet images, linked to external files would load the contents of 
those files without prompting the user for permission to do so.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.<br />
+A proof-of-concept demonstration exists.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Reginaldo Silva of 
ubercomp.com for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#x6d;&#97;&#x69;&#108;&#x74;o&#x3a;&#x75;&#115;&#x65;&#x72;&#x73;&#64;&#x6f;&#x70;&#101;&#x6e;&#111;f&#102;i&#x63;&#x65;&#x2e;&#97;&#112;&#97;&#99;&#104;&#101;.&#111;&#x72;&#103;">&#x75;&#x73;e&#x72;&#x73;&#x40;&#111;p&#x65;&#x6e;&#111;&#x66;&#x66;&#105;&#99;&#x65;&#x2e;&#97;&#112;&#97;c&#x68;&#101;&#x2e;o&#x72;&#x67;</
 [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64404.html";>CVE-2025-64404</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
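Review bot: The title says "Remote documents loaded without prompt via background and bullet images", but the description is about linked image files, not documents, being fetched. "Remote content loaded without prompt" would match the description here and in the bulletin entry. In the description, "background fill images, or bullet images, linked to external files" would read more clearly as "background fill images or bullet images that are linked to external files".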
diff --git a/content/security/cves/CVE-2025-64405.html 
b/content/security/cves/CVE-2025-64405.html
new file mode 100644
index 0000000000..9d588fe1c5
--- /dev/null
+++ b/content/security/cves/CVE-2025-64405.html
@@ -0,0 +1,60 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64405</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64405";>CVE-2025-64405</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64405.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Remote documents 
loaded without prompt via DDE function</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice documents can contain links. A missing Authorization 
vulnerability in Apache OpenOffice allowed an attacker to craft a document that 
would cause external links to be loaded without prompt. In the affected 
versions of Apache OpenOffice, Calc spreadsheet containing DDE links to 
external files would load the contents of those files without prompting the 
user for permission to do so.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.<br />
+A proof-of-concept demonstration exists.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Louis Bettels, from 
Technische Universität Braunschweig, for discovering and reporting this 
issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#109;&#97;&#105;&#108;&#x74;&#111;&#x3a;&#117;&#x73;&#101;r&#x73;&#64;&#111;p&#x65;&#x6e;&#x6f;&#102;&#102;i&#99;&#x65;.a&#112;&#x61;&#99;&#x68;&#101;&#x2e;o&#114;&#103;">&#x75;&#x73;&#101;&#x72;&#115;@&#111;&#x70;e&#110;&#x6f;&#x66;f&#x69;&#x63;e&#46;&#97;&#x70;&#97;&#x63;&#x68;&#101;&#x2e;&#111;r&#103;</a>
 public mail [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64405.html";>CVE-2025-64405</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
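Review bot: The title refers to the "DDE function" while the description refers to "DDE links", and the page does not say whether these are the same thing. Pick one term and use it in both places and in the bulletin entry. The description's "Calc spreadsheet containing DDE links to external files would load" also needs an article or a plural ("Calc spreadsheets containing DDE links").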
diff --git a/content/security/cves/CVE-2025-64406.html 
b/content/security/cves/CVE-2025-64406.html
new file mode 100644
index 0000000000..d74db12309
--- /dev/null
+++ b/content/security/cves/CVE-2025-64406.html
@@ -0,0 +1,59 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64406</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64406";>CVE-2025-64406</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64406.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">Possible memory 
corruption during CSV import</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>An out-of-bounds Write vulnerability in Apache OpenOffice could allow an 
attacker to craft a document that would crash the program, or otherwise corrupt 
other memory areas.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p><strong>Severity: Important</strong></p>
+<p>There are no known exploits of this vulnerability.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Damjan Jovanovic 
for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#x6d;&#97;&#105;&#x6c;t&#x6f;&#x3a;&#117;&#x73;&#x65;&#x72;&#x73;&#64;&#x6f;&#x70;en&#111;&#102;&#x66;&#x69;&#99;&#101;.&#x61;&#112;&#97;&#99;&#x68;&#101;&#x2e;&#x6f;r&#x67;">u&#x73;&#x65;&#x72;s&#x40;&#111;penof&#102;&#x69;&#x63;&#x65;&#46;&#x61;&#x70;&#97;c&#x68;e.&#111;&#114;&#x67;</a>
 public mailing list.</p>
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64406.html";>CVE-2025-64406</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
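Review bot: The description never mentions CSV: it says only that an attacker could "craft a document", while the title places the out-of-bounds write in CSV import. State in the description that the flaw is triggered when importing a crafted CSV file, so that users who cannot upgrade immediately know which input to treat with care. This is also the only advisory in the set rated "Important", which is worth reflecting in the bulletin list.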
diff --git a/content/security/cves/CVE-2025-64407.html 
b/content/security/cves/CVE-2025-64407.html
new file mode 100644
index 0000000000..ca7a7d6a8f
--- /dev/null
+++ b/content/security/cves/CVE-2025-64407.html
@@ -0,0 +1,61 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <title>CVE-2025-64407</title>
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+      <div id="content">
+        <p><a 
href="https://www.cve.org/CVERecord?id=CVE-2025-64407";>CVE-2025-64407</a></p>
+        <p><a 
href="https://www.openoffice.org/security/cves/CVE-2025-64407.html";>Apache 
OpenOffice Advisory</a></p>
+        <p style="text-align:center; font-size:largest">URL fetching can be 
used to exfiltrate arbitrary INI file values and environment variables</p>
+        <p style="text-align:center;
+                  font-size:larger">Fixed in Apache OpenOffice 4.1.16</p>
+      
+      <p><strong>Description</strong></p>
+<p>Apache OpenOffice documents can contain links. A missing Authorization 
vulnerability in Apache OpenOffice allowed an attacker to craft a document that 
would cause external links to be loaded without prompt. Such links could also 
be used to transmit system information, such as environment variables or 
configuration settings.</p>
+<p>In the affected versions of Apache OpenOffice, documents that used a 
certain URI scheme linking to external files would load the contents of such 
files without prompting the user for permission to do so. Such URI scheme 
allows to include system configuration data, that is not supposed to be 
transmitted externally.</p>
+<p>This issue affects Apache OpenOffice: through 4.1.15.</p>
+<p>Users are recommended to upgrade to version 4.1.16, which fixes the 
issue.</p>
+<p>The LibreOffice suite reported this issue as CVE-2024-12426.</p>
+<p><strong>Severity: Moderate</strong></p>
+<p>There are no known exploits of this vulnerability.</p>
+<p>Thanks to the reporter for discovering this issue.</p>
+<p><strong>Vendor: The Apache Software Foundation</strong></p>
+<p><strong>Versions Affected</strong></p>
+<p>All Apache OpenOffice versions 4.1.15 and older are affected.<br />
+OpenOffice.org versions may also be affected.</p>
+<p><strong>Mitigation</strong></p>
+<p>Install Apache OpenOffice 4.1.16 for the latest maintenance and cumulative 
security fixes. Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";>download page</a>.</p>
+<p><strong>Acknowledgements</strong></p>
+<p>The Apache OpenOffice Security Team would like to thank Thomas Rinsma of 
Codean Labs for discovering and reporting this issue.</p>
+<p><strong>Further Information</strong></p>
+<p>For additional information and assistance, consult the <a 
href="https://forum.openoffice.org/";>Apache OpenOffice Community Forums</a> or 
make requests to the <a 
href="&#x6d;&#97;&#105;&#x6c;&#x74;&#x6f;:&#117;&#115;e&#x72;&#115;&#x40;&#x6f;&#112;&#x65;&#110;of&#102;&#x69;&#x63;&#101;&#46;&#x61;&#112;&#x61;&#x63;&#x68;&#101;.o&#x72;g">&#117;&#x73;&#101;&#114;&#x73;&#64;&#111;&#x70;&#x65;n&#x6f;f&#102;&#x69;&#x63;&#x65;&#x2e;&#97;&#x70;&#x61;c&#104;&#x65;&#46;&#111;&#x72;&#x67;</a>
 publ [...]
+<p>The latest information on Apache OpenOffice security bulletins can be found 
at the <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive</a> page.</p>
+
+      
+       <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2025-64407.html";>CVE-2025-64407</a>
+    </p>
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
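Review bot: The second description paragraph is hard to parse: "Such URI scheme allows to include system configuration data, that is not supposed to be transmitted externally." Suggested wording: "This URI scheme allows system configuration data, which is not supposed to be transmitted externally, to be included in the request." The title names "INI file values and environment variables" while the body says "environment variables or configuration settings", so align the two to let readers match the advisory to the bulletin entry.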
