PT-2020-6159 · Apache · Apache OpenOffice

Published: 2020-11-10 · Updated: 2020-12-01 · CVE-2020-13958

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Apache OpenOffice (affected versions not specified)

Description

The issue is related to insufficient access control when handling hyperlinks in Apache OpenOffice. An attacker can exploit this to gain unauthorized access to protected information by using specially crafted documents containing hyperlinks. These hyperlinks can point to an executable on the target user's file system and can be triggered unconditionally. In fixed versions, internal protocols cannot be called from the document event handler, and other hyperlinks require a control-click.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2021-03214
CVE-2020-13958

Affected Products

Apache Openoffice
Openoffice