CVE-2018-16858 - My writeup about a RCE vulnerability via macro execution in Libreoffice: https://insert-script.blogspot.com/2019/02/libreoffice-cve-2018-16858-remote-code.html …
Thanks. I did see that OpenOffice doesn't support args, but after looking at the PoC, I assumed that launching calc.exe (with no args) was what you were talking about. This is now clear.
-
-
Folks at risk are apparently those who have a malicious .py file at a predictable location.pic.twitter.com/QcJf7UXAfx
-
with openoffice that statement is correct. People with an older 6.1.x libreoffice version are exploitable by default :)
- 2 more replies
New conversation -
-
-
no problem :) I hope it works now as expected
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.