Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

OpenOffice 2.4.1 Out - Fixes One Vuln

Published: 2008-06-11
Last Updated: 2008-06-11 15:20:11 UTC
by John Bambenek (Version: 1)
0 comment(s)

OpenOffice has released 2.4.1 which fixes a heap overflow problem that allows attackers to craft malicious OpenOffice documents that can execute arbitrary code.  (See their bulletin). The vulnerability is complicated by the platform independent nature of OpenOffice, but that just means someone has to write several versions of malicious files to ensure infected a variety of operating systems.  Advice is, as always, update to the latest version.

--
John Bambenek / bambenek \at\ gmail |dot| com

Keywords:
0 comment(s)
Diary Archives