CNNVD-202511-1495 Information
CNNVD ID
CNNVD-202511-1495
Related CVE
- CNNVD Published: 2025-11-12
Description (Chinese)
Apache OpenOffice是美国阿帕奇(Apache)基金会的一款开源的办公软件套件。该套件包含文本文档、电子表格、演示文稿、绘图、数据库等。 Apache OpenOffice 4.1.15及之前版本存在安全漏洞,该漏洞源于缺少授权检查,可能导致外部链接被自动加载并传输系统信息。
Description (English)
Apache OpenOffice is an open-source office software package for the Apache Foundation in the United States. The package contains text documents, spreadsheets, presentations, drawings, databases, etc. There is a security loophole in Apache OpenOffice 4.1.15 and earlier versions, which stems from a lack of authorization checks and may result in external links being automatically loaded and transmitted with system information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-11-12
Last Modified
2026-02-24
References
https://lists.apache.org/thread/4yg1gv71f14fw4ky4ds50o6xjq49594g https://www.openoffice.org/security/cves/CVE-2025-64407.html https://vigilance.fr/vulnerability/Apache-OpenOffice-code-execution-via-URL-Fetching-INI-File-48731 https://access.redhat.com/security/cve/cve-2025-64407
Patch
https://www.openoffice.org/download/
Share on: