You are here

V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability

June 25, 2013 - 12:41am

Addthis

PROBLEM:

Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability

PLATFORM:

Apache OpenOffice SDK 3.x

ABSTRACT:

Apache has acknowledged a vulnerability in Apache OpenOffice SDK

REFERENCE LINKS:

Apache OpenOffice
Secunia Advisory SA53963
Secunia Advisory SA53846
CVE-2013-1571

IMPACT ASSESSMENT:

Medium

DISCUSSION:

The vulnerability is caused due to a UDK 3.2.7 Java API Reference JavaDoc file having been generated using a vulnerable version of Oracle Java.

IMPACT:

Apache can be exploited by malicious people to conduct spoofing attacks.

SOLUTION:

The vendor has issued a fix.

Addthis