<!DOCTYPE html>
<html>
<head>
<title>CVE-2015-1774</title>
<style type="text/css"></style>
</head>
<body>
<!-- These were previously defined as XHTML pages. The current
wrapping for the site introduces HTML5 headers and formats.
This version is modified to match the wrapping that is done as part
of publishing this page and not rely on any particular styling
beyond <p>.
-->
<p>
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1774">CVE-2015-1774</a>
</p>
<p>
<a href="https://www.openoffice.org/security/cves/CVE-2015-1774.html">Apache OpenOffice Advisory</a>
</p>
<p style="font-size:larger"><strong>Out-of-Bounds Write in HWP File Filter</strong></p>
<p>
<strong>Version 2.0</strong>
<br />
Announced April 27, 2015<br />
Updated October 28, 2015</p>
<p>
A vulnerability in OpenOffice's HWP filter allows attackers to craft
malicious documents that cause denial of service (memory
corruption and application crash) and possible execution of arbitrary
code.
</p>
<p>
<strong>Severity: Important</strong>
</p>
<p>
<strong>Vendor: The Apache Software Foundation</strong>
</p>
<p>
<strong>Versions Affected</strong>
<br />
All Apache OpenOffice versions 4.1.1 and older are affected.<br />
OpenOffice.org versions are also affected.</p>
<p>
<strong>Mitigation</strong>
</p>
<p>Update to Apache OpenOffice 4.1.2 or a later version.</p>
<p>
This mitigation drops Apache OpenOffice support for documents
created in "Hangul Word Processor" format. The filter is not
installed; it will not be used if present.
</p>
<p>
<strong>Workarounds and Document Migration</strong>
</p>
<p>
Users of older HWP-format documents that are already trusted should
convert those documents to other formats before removing the filter
or upgrading to Apache OpenOffice version 4.1.2.
</p>
<p>
Apache OpenOffice users who do not upgrade can remove the
problematic filter themselves. The filter is in the "program"
folder of their OpenOffice installation. On <strong>Windows</strong>
the filter is named "hwp.dll", on <strong>Mac OS X</strong> it is named
"libhwp.dylib" and on <strong>Linux</strong> it is named "libhwp.so".
Alternatively, the filter can be renamed to anything else (e.g.
"hwp_renamed.dll") to disable its use.
</p>
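<p>
The rename workaround above as a script. This is an added example, not part
of the advisory or of Apache OpenOffice. The function names, the "_renamed"
suffix applied on every platform and the "--apply" switch are assumptions of
this example, and the "program" folder path must be supplied by the caller.
</p>

```python
"""Added example: find the HWP import filter and disable it by renaming."""
import sys
from pathlib import Path

# Filter file names per platform, as listed in the advisory.
HWP_FILTER_NAMES = ("hwp.dll", "libhwp.dylib", "libhwp.so")


def find_hwp_filters(program_dir):
    """Return the HWP filter files present in an OpenOffice "program" folder."""
    program = Path(program_dir)
    if not program.is_dir():
        raise NotADirectoryError(f"not a directory: {program}")
    return [program / n for n in HWP_FILTER_NAMES if (program / n).is_file()]


def disable_hwp_filter(program_dir, dry_run=True):
    """Rename each filter found (hwp.dll -> hwp_renamed.dll) so it is not used.

    Returns a list of (original, renamed) path pairs. With dry_run=True
    nothing on disk changes; the pairs show what would be renamed.
    """
    actions = []
    for src in find_hwp_filters(program_dir):
        dst = src.with_name(f"{src.stem}_renamed{src.suffix}")
        if dst.exists():
            # Never clobber a file left by an earlier run or by someone else.
            raise FileExistsError(f"refusing to overwrite {dst}")
        if not dry_run:
            src.rename(dst)
        actions.append((src, dst))
    return actions


if __name__ == "__main__":
    # Usage (hypothetical CLI): script.py <program folder> [--apply]
    if len(sys.argv) < 2:
        sys.exit("usage: script.py <OpenOffice program folder> [--apply]")
    apply_changes = "--apply" in sys.argv[2:]
    results = disable_hwp_filter(sys.argv[1], dry_run=not apply_changes)
    if not results:
        print("no HWP filter found; nothing to do")
    for src, dst in results:
        verb = "renamed" if apply_changes else "would rename"
        print(f"{verb} {src} -> {dst}")
```

<p>
Run it without "--apply" first to see which file would be renamed. Convert
any trusted HWP documents to another format before applying the change.
</p>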
<p>
<strong>Further Information</strong>
</p>
<p>For additional information and assistance, consult the
<a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a>
or make requests to the
<a href="mailto:users@openoffice.apache.org">users@openoffice.apache.org</a>
public mailing list.
</p>
<p><strong>Credits</strong></p>
<p>Thanks to an anonymous contributor working with VeriSign iDefense Labs.</p>
</body>
</html>