<!DOCTYPE html>
<html>
<head>
<title>CVE-2015-1774</title>
<style type="text/css"></style>
</head>
<body>
<!-- These were previously defined as XHTML pages. The current
wrapping for the site introduces HTML5 headers and formats.
This version is modified to match the wrapping that is done as part
of publishing this page and not rely on any particular styling
beyond <p>.
-->
<p>
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1774">CVE-2015-1774</a>
</p>
<p>
<a href="https://www.openoffice.org/security/cves/CVE-2015-1774.html">Apache OpenOffice Advisory</a>
</p>
<p style="font-size:larger"><strong>Out-of-Bounds Write in HWP File Filter</strong></p>
<p>
<strong>Version 2.0</strong>
<br />
Announced April 27, 2015<br />
Updated October 28, 2015</p>
<p>
A vulnerability in OpenOffice's HWP filter allows attackers to craft
malicious documents that cause denial of service (memory
corruption and application crash) and possible execution of arbitrary
code.
</p>
<p>
<strong>Severity: Important</strong>
</p>
<p>
<strong>Vendor: The Apache Software Foundation</strong>
</p>
<p>
<strong>Versions Affected</strong>
<br />
All Apache OpenOffice versions 4.1.1 and older are affected.<br />
OpenOffice.org versions are also affected.</p>
<p>
<strong>Mitigation</strong>
</p>
<p>Update to Apache OpenOffice 4.1.2 or a later version.</p>
<p>
This mitigation removes Apache OpenOffice support for documents
created in the "Hangul Word Processor" (HWP) format. The filter is
no longer installed, and it will not be used if it is present.
</p>
<p>
<strong>Workarounds and Document Migration</strong>
</p>
<p>
Users of older HWP-format documents that are already trusted should
convert those documents to other formats before removing the filter
or upgrading to Apache OpenOffice version 4.1.2.
</p>
<p>
Apache OpenOffice users who do not upgrade can remove the
problematic filter themselves. The filter is in the "program"
folder of their OpenOffice installation. On <strong>Windows</strong>
the filter is named "hwp.dll", on <strong>Mac OS X</strong> it is named
"libhwp.dylib" and on <strong>Linux</strong> it is named "libhwp.so".
Alternatively, the filter can be renamed to anything else (e.g.
"hwp_renamed.dll") to disable its use.
</p>
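<p>
The rename workaround above, as an added example script that is not part of
the original advisory or of Apache OpenOffice. The path of the "program"
folder is an assumption supplied by the user, and the "_renamed" suffix follows
the advisory's "hwp_renamed.dll" example.
</p>

```python
import sys
from pathlib import Path

# Filter file names per platform, as listed in the advisory.
HWP_FILTER_NAMES = ("hwp.dll", "libhwp.dylib", "libhwp.so")


def find_hwp_filters(program_dir):
    """Return the HWP filter files still present in an OpenOffice "program" folder."""
    base = Path(program_dir)
    return [base / name for name in HWP_FILTER_NAMES if (base / name).is_file()]


def renamed_path(filter_path):
    """Map hwp.dll to hwp_renamed.dll, the renaming pattern the advisory suggests."""
    return filter_path.with_name(filter_path.stem + "_renamed" + filter_path.suffix)


def disable_hwp_filters(program_dir, dry_run=True):
    """Rename each HWP filter found so OpenOffice can no longer load it.

    Returns (original, new_name, status) tuples; status is "would-rename",
    "renamed" or "skipped-target-exists".
    """
    results = []
    for path in find_hwp_filters(program_dir):
        target = renamed_path(path)
        if target.exists():
            # Never overwrite an earlier renamed copy; report it instead.
            results.append((path, target, "skipped-target-exists"))
        elif dry_run:
            results.append((path, target, "would-rename"))
        else:
            path.rename(target)
            results.append((path, target, "renamed"))
    return results


if __name__ == "__main__":
    # PROGRAM_DIR is the installation's "program" folder (hypothetical
    # argument; its location is not given in the advisory).
    if len(sys.argv) < 2:
        sys.exit("usage: disable_hwp.py PROGRAM_DIR [--apply]")
    apply_changes = "--apply" in sys.argv[2:]
    for original, new, status in disable_hwp_filters(sys.argv[1], not apply_changes):
        print(f"{status}: {original} -> {new}")
    if not find_hwp_filters(sys.argv[1]):
        print("no active HWP filter found")
```

<p>
Without <code>--apply</code> the script only reports what it would rename;
close OpenOffice before applying the change.
</p>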
<p>
<strong>Further Information</strong>
</p>
<p>For additional information and assistance, consult the
<a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a>
or make requests to the
<a href="mailto:users@openoffice.apache.org">users@openoffice.apache.org</a>
public mailing list.
</p>
<p><strong>Credits</strong></p>
<p>Thanks to an anonymous contributor working with VeriSign iDefense Labs.</p>
</body>
</html>