Vulnerability in OpenOffice

Started by Frands, October 29, 2008, 08:17:04 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Frands

Hi :)

Two security holes have been discovered in the way OpenOffice  deals with Microsoft's media file formats. emf, and. wmf, according to security firm CSIS. All versions prior to OpenOffice 2.4.2 are affected by the vulnerability, which is based on heap-overflows.

The vulnerability makes it possible to run code on a client  with the same rights as the user. The vulnerability can be triggered by sending the user on the client to a specific design file, or by enticing users to click on a link, for example, an e-mail.

CSIS recommends that Open Office users upgrade as soon as possible. The two updated versions of OpenOffice, where the gaps are closed, is 2.4.2 and the new 3.0.

http://www.openoffice.org/security/cves/CVE-2008-2237.html

http://www.openoffice.org/security/cves/CVE-2008-2238.html

Download link: http://download.openoffice.org/index.html

With kind regards
Stealthzone
Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Trend Micro Internet Security


Home Forums:
https://www.landzdown.com/
http://securitygarden.blogspot.dk/
https://www.classicrockforums.com/

GR@PH;<'S

stealthzone,
Thaks for bringing these to the attentsion of those who have and use OpenOffice

I recommended that any one using OpenOffice to go the updates

GR@PH;<'S   :Hammys pint:
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.