![]() The =INFO("osversion") function has a hard-coded value for OpenOffice/LibreOffice. This is a useful identifier for a few reasons. Most spreadsheet specs, such as XLSX or ODS, provide you with the INFO functions to give you some information about the software or system that opened the spreadsheet.Īn important observation to note here is that many websites we came across allowed for any LibreOffice support file type to be rendered, despite limiting file extensions client-side. We used the following two methods to identify & fingerprint the document rendering service on multiple websites. ![]() Many companies rely on using LibreOffice to export common document formats to HTML/PDF due to it allowing headless file conversions. LibreOffice's Github project has over 500k commits including code that has not been updated in many years. LibreOffice is an open-source fork of OpenOffice and with some google searches you can see there are several critical CVEs for it from the past few weeks alone. We believe our research here is not final, and encourage others to look into this area. The unintended misuse of the Python-UNO bridge by the popular package unoconv resulted in CVE-2019-17400. This writeup covers our efforts to fingerprint LibreOffice, LibreOffice file detection (and abuse) & misuse of the LibreOffice Python-UNO bridge. In our attempt to fingerprint LibreOffice as a PDF rendering service, we identified multiple implementation vulnerabilities. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |