SB2025111212 - Multiple vulnerabilities in Apache OpenOffice

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Missing Authorization (CVE-ID: CVE-2025-64407)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing authorization checks. A remote attacker can trick the victim into opening a specially crafted documents with a certain URI scheme linking to external files and exfiltrate arbitrary INI file values and environment variables.

2) Buffer overflow (CVE-ID: CVE-2025-64406)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error CSV import. A remote attacker can trick the victim into importing a specially crafted CSV file, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Missing Authorization (CVE-ID: CVE-2025-64405)

The vulnerability allows a remote attacker to perform spoofing attacks.

The vulnerability exists due to missing authorization checks in Calc spreadsheet when loading external content. A remote attacker can trick the victim into opening a specially crafted document with DDE links linked to external files and load the content of those frames without prompting the user. 

4) Missing Authorization (CVE-ID: CVE-2025-64404)

The vulnerability allows a remote attacker to perform spoofing attacks.

The vulnerability exists due to missing authorization checks when loading external content. A remote attacker can trick the victim into opening a specially crafted document with background fill images, or bullet images, linked to external files and load the content of those frames without prompting the user. 

5) Missing Authorization (CVE-ID: CVE-2025-64403)

The vulnerability allows a remote attacker to perform spoofing attacks.

The vulnerability exists due to missing authorization checks in Calc spreadsheet when loading external content. A remote attacker can trick the victim into opening a specially crafted document with "external data sources" linked to external files and load the content of those frames without prompting the user. 

6) Missing Authorization (CVE-ID: CVE-2025-64401)

The vulnerability allows a remote attacker to perform spoofing attacks.

The vulnerability exists due to missing authorization checks when loading external content. A remote attacker can trick the victim into opening a specially crafted document with "floating frames" linked to external files and load the content of those frames without prompting the user. 

7) Missing Authorization (CVE-ID: CVE-2025-64402)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to missing authorization when loading external OLE objects. The software fails to request permission to load an object, which can lead to a spoofing attack and information disclosure.

Remediation

Install update from vendor's website.

References

• https://lists.apache.org/thread/4po5jr59d3f3spo1y3gslpjfk86dkhc8
• https://lists.apache.org/thread/7gbcmjoz04yz24lpz6zvd3zdq5y6ftd1
• https://lists.apache.org/thread/qs4qrkm1t8664grqsk80bz4m3s3zj76t
• https://lists.apache.org/thread/on2k2p8gop6215fyvbroh9pqonm1o3c2
• https://lists.apache.org/thread/hz16npbpf07g7cc905ynhw0mwg85df2j
• https://lists.apache.org/thread/mtyym5n5k794lx3p0sdbj1p0m8h4xfcb
• https://lists.apache.org/thread/4k2bynk7yonzn5p93qpccj1t69lcqtzw