Updated October 11, 2016
Updated August 30, 2016
Announced July 21, 2016
An OpenDocument Presentation .ODP or Presentation Template
.OTP file can contain invalid presentation elements that lead
to memory corruption when the document is loaded in Apache
OpenOffice Impress. The defect may cause the document to
appear as corrupted and OpenOffice may crash in a recovery-
stuck mode. A crafted exploitation of the defect can allow an
attacker to cause denial of service (memory corruption and
application crash) and possible execution of arbitrary code.
Impress cannot be used to directly produce documents having the
CVE-2016-1513-related defect. Impress-authored .ODP and .OTP
documents of a user's own that exhibit any of these characteristics
are not the result of an exploit. They may be consequences
of a separate Impress defect that should be reported.
There are no known exploits of this vulnerability.
A proof-of-concept demonstration exists.
Vendor: The Apache Software Foundation
All Apache OpenOffice versions 4.1.2 and older
are affected. OpenOffice.org versions are also
Antivirus products can detect documents attempting to
exploit this vulnerability by employing Snort Signature
Defenses and Work-Arounds:
If you are unable to update, there are other precautions
that can be taken. These precautions are recommended for
all users of all versions of Apache OpenOffice, including
the latest available.
Avoid operating Apache OpenOffice (and any other personal
productivity programs) under a computer account that has
administrative privileges of any kind. While installation
of Apache OpenOffice requires elevated privileges and user
permission on platforms such as Microsoft Windows, operation
of the software does not.
Keeping antivirus/antimalware software current is also
important. This will serve to identify and distinguish
suspicious documents that involve known exploits, avoiding
confusion with documents that are damaged and/or fail
for other reasons.