CVE-2020-13958
HIGH
Apache OpenOffice 4.0.0-4.1.7 - Unauthenticated Arbitrary Executable Execution via Hyperlink in Scripting Events
Exploitation Summary
EIP tracks 1 public exploit for CVE-2020-13958. PoCs published by Grey-Junior.
AI-analyzed exploit summary: This PoC crafts a malicious ODT file exploiting CVE-2020-13958, an XML External Entity (XXE) vulnerability in Apache OpenOffice. The script embeds a crafted hyperlink with an event listener to trigger arbitrary code execution when the document is opened.
Description
A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target user's file system. These hyperlinks can be triggered unconditionally. In fixed versions, no internal protocol may be called from the document event handler, and other hyperlinks require a control-click.
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H