
Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

The maintainers of LibreOffice and OpenOffice have shipped
security updates to their productivity software to remediate
multiple vulnerabilities that could be weaponized by malicious
actors to alter documents to make them appear as if they are
digitally signed by a trusted source.

The list of the three flaws is as follows —

Successful exploitation of the vulnerabilities could permit an
attacker to manipulate the timestamp[1] of signed ODF documents,
and worse, alter the contents[2]
of a document or self-sign a document[3]
with an untrusted signature, which is then tweaked to change the
signature algorithm[4]
to an invalid or unknown algorithm.

In the latter two attack scenarios, both of which stem from
improper certificate validation, LibreOffice incorrectly
displays a validly signed indicator suggesting that the document
hasn’t been tampered with since signing and presents a signature
with an unknown algorithm as a legitimate signature issued by a
trusted party.
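
A triage check for the unknown-algorithm case described above, as an added example that is not from the original article or from LibreOffice or OpenOffice code. It reads the XML-DSig data an ODF package stores in META-INF/documentsignatures.xml and rejects any signature whose SignatureMethod is not on an allowlist. The allowlist, the function names and the sample package are assumptions made for this example, and the check does not verify the signature or the certificate.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
SIG_PATH = "META-INF/documentsignatures.xml"  # where ODF keeps its signatures

# Assumption: allowlist picked for this example; set it from local policy.
ALLOWED_SIG_ALGS = {
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512",
    "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256",
}

def audit_odf_signatures(odf_bytes):
    """Return [(signature_id, algorithm, verdict)] for one ODF package."""
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as pkg:
        if SIG_PATH not in pkg.namelist():
            return []  # unsigned document: nothing to audit
        xml_data = pkg.read(SIG_PATH)
    # Simple guard: untrusted input, so refuse DTDs and entity declarations.
    if b"<!DOCTYPE" in xml_data or b"<!ENTITY" in xml_data:
        raise ValueError("DTD found in signature file; refusing to parse")
    findings = []
    for sig in ET.fromstring(xml_data).iter("{%s}Signature" % DSIG_NS):
        method = sig.find("{%s}SignedInfo/{%s}SignatureMethod" % (DSIG_NS, DSIG_NS))
        alg = method.get("Algorithm") if method is not None else None
        # A missing or unrecognised algorithm is never treated as valid.
        verdict = "ok" if alg in ALLOWED_SIG_ALGS else "reject"
        findings.append((sig.get("Id"), alg, verdict))
    return findings

def sample_odf(algorithm=None):
    """Constructed minimal package for the demo; not a real signed document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("mimetype", "application/vnd.oasis.opendocument.text")
        if algorithm is not None:
            pkg.writestr(SIG_PATH, (
                '<document-signatures xmlns="urn:oasis:names:tc:opendocument:'
                'xmlns:digitalsignature:1.0"><Signature xmlns="%s" Id="ID_demo">'
                '<SignedInfo><SignatureMethod Algorithm="%s"/></SignedInfo>'
                '</Signature></document-signatures>' % (DSIG_NS, algorithm)))
    return buf.getvalue()

if __name__ == "__main__":
    for alg in (None, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
                "urn:example:unknown-alg"):  # constructed placeholder URI
        print(alg, audit_odf_signatures(sample_odf(alg)))
```
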

The weaknesses have been fixed in OpenOffice version 4.1.11[5] and LibreOffice versions
7.0.5, 7.0.6, 7.1.1 as well as 7.1.2. The Chair for Network and
Data Security (NDS[6]) at the Ruhr-University
Bochum has been credited with discovering and reporting all three
issues.

The findings are the latest in a series of flaws uncovered by
the Ruhr-University Bochum researchers and follow similar[7]
attack techniques[8]
disclosed earlier this year that could potentially enable an
adversary to modify a certified PDF document’s visible content by
displaying malicious content over the certified content without
invalidating its signature.

Users of LibreOffice and OpenOffice are advised to update to the
latest version to mitigate the risk associated with the flaws.

References

  1. manipulate the timestamp (www.libreoffice.org)
  2. alter the contents (www.libreoffice.org)
  3. self-sign a document (www.libreoffice.org)
  4. signature algorithm (en.wikipedia.org)
  5. OpenOffice version 4.1.11 (cwiki.apache.org)
  6. NDS (nds.rub.de)
  7. similar (thehackernews.com)
  8. attack techniques (thehackernews.com)