[XCSSA] OpenOffice 2.0.3 plugs security holes
xcssa@xcssa.org
Fri, 30 Jun 2006 16:55:45 -0500

For those who don't already know, OpenOffice.org is a full-featured
open-source office suite distributed under the LGPL (GNU Lesser General
Public License). It is compatible with most M$ file formats, and it
includes the ability to export directly to .pdf format without
purchasing Adobe Acrobat. And of course, it's FREE!

Article available at:
http://www.heise.de/english/newsticker/news/74930

OpenOffice.org available at:
http://www.openoffice.org/

Quoted from the article:

"With their new versions the developers of the open-source Office suite
are in addition plugging three security holes. These vulnerabilities
would have allowed attackers to execute any code with the privileges of
the Office user. They have, however, according to statements made by the
developers, not yet been actively exploited, but instead were found in
the course of an internal source code review.

"One of the bugs relates to the Sandbox, in which Java applets are
executed. The vulnerability allowed applets to break out of that secure
environment and with user privileges create, overwrite or destroy files,
as well as, for example, read and send confidential data. Another hole
plugged would have allowed macros to be embedded in documents that once
the document is opened execute without a prior query being launched.
Macros can also be made to access files and/or send data.

"The third vulnerability enabling the surreptitious insertion of
malicious code into a system relates to the processing of malformed XML
documents. The buffer overflow this causes allows values to be written
to any location in memory."

Randy