Open source office suite LibreOffice developers patched a vulnerability where attackers could execute arbitrary code using specially crafted RTF files.
The vulnerability affects the RTF parser in LibreOffice, said researchers at Cisco Talos. The flaw can end up exploited with an RTF document that contains a stylesheet and a superscript token, the researchers said of the vulnerability which has a case number of CVE-2016-4324.
“A specially crafted RTF document containing both a stylesheet and superscript element causes LibreOffice to access an invalid pointer referencing previously used memory on the heap. By carefully manipulating the contents of the heap, this vulnerability can be able to be used to execute arbitrary code,” Cisco researchers said in a blog post.
Cisco Talos’ Aleksandar Nikolic discovered the vulnerability.
The attacker needs to somehow trick the targeted individual into opening a malicious RTF file in order to trigger the exploit. It’s not uncommon for cybercriminals to exploit RTF parser vulnerabilities in Microsoft Office to deliver malware and this flaw shows that such attacks are also possible against LibreOffice users.
The issue has been addressed with the release of LibreOffice 5.1.4. Cisco said there is no evidence this vulnerability is suffering from exploitation, but they said users should update their installations to protect themselves against potential attacks.
The developers of various Linux distributions are also analyzing the issue and some have already released package updates to patch the flaw.