Bug 143855 - Malware Exploit with Java.exe
Summary: Malware Exploit with Java.exe
Status: RESOLVED INVALID
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: x86-64 (AMD64) Windows (All)
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
: 144685 (view as bug list)
Depends on:
Blocks:
 
Reported: 2021-08-13 09:49 UTC by JoanaM
Modified: 2021-09-23 18:45 UTC (History)
3 users (show)

See Also:
Crash report or crash signature:

Attachments
rapport Malwarebytes : Malware Exploit Agent Generic (1.08 KB, text/plain)
2021-08-13 09:56 UTC, JoanaM 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description JoanaM 2021-08-13 09:49:28 UTC 
Description:
Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'événement de protection: 13/08/2021
Heure de l'événement de protection: 10:32
Fichier journal: ef9693be-fc10-11eb-9486-4ccc6a04c6f5.json

-Informations du logiciel-
Version: 4.4.5.130
Version de composants: 1.0.1418
Version de pack de mise à jour: 1.0.44092
Licence: Premium

-Informations système-
Système d'exploitation: Windows 10 (Build 19043.1165)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: System

-Détails de l'exploit-
Fichier: 0
(Aucun élément malveillant détecté)

Exploit: 1
Malware.Exploit.Agent.Generic, C:\Program Files\Java\jre1.8.0_301\bin\java.exe -classpath C:\Program Files\LibreOffice\program JREProperties, Bloqué, 0, 392684, 0.0.0, , 

-Données de l'exploit-
Application concernée: LibreOffice
Couche de protection: Application Behavior Protection
Technique de protection: Exploit Office scripting abuse blocked
Nom du fichier: C:\Program Files\Java\jre1.8.0_301\bin\java.exe -classpath C:\Program Files\LibreOffice\program JREProperties
URL: 

(end)

Steps to Reproduce:
1.juste open LibreOffice 7.2.0.3

Actual Results:
close LibreOffice 7.2.0.3 and alert Malwarebytes-(Premium)-4.4.5

Expected Results:
close LibreOffice 7.2.0.3 and alert Malwarebytes


Reproducible: Always


User Profile Reset: Yes



Additional Info:
-Informations du logiciel-
Version: 4.4.5.130
Version de composants: 1.0.1418
Version de pack de mise à jour: 1.0.44092
Licence: Premium

-Informations système-
Système d'exploitation: Windows 10 (Build 19043.1165)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: System
Comment 1 JoanaM 2021-08-13 09:56:44 UTC 
Created attachment 174249 [details]
rapport Malwarebytes : Malware Exploit Agent Generic
Comment 2 Roman Kuznetsov 2021-08-15 08:29:20 UTC 
1. Did you download LibreOffice from an official site https://libreoffice.org ?
2. If your answer for 1 question is a TRUE, then I think it's just an error in your Malwarebytes tool. If your answer for 1 question is a FALSE, then just delete current LibreOffice, download an official build and install it

Please give us a feedback
Comment 3 Buovjaga 2021-09-23 18:42:57 UTC 
*** Bug 144685 has been marked as a duplicate of this bug. ***
Comment 4 Buovjaga 2021-09-23 18:45:26 UTC 
This is a false positive that should be reported to Malwarebytes