Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: OpenOffice 2.4.1 Out - Fixes One Vuln SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
OpenOffice 2.4.1 Out - Fixes One Vuln

OpenOffice has released 2.4.1 which fixes a heap overflow problem that allows attackers to craft malicious OpenOffice documents that can execute arbitrary code.  (See their bulletin). The vulnerability is complicated by the platform independent nature of OpenOffice, but that just means someone has to write several versions of malicious files to ensure infected a variety of operating systems.  Advice is, as always, update to the latest version.

John Bambenek / bambenek \at\ gmail |dot| com


262 Posts
ISC Handler
Jun 11th 2008

Sign Up for Free or Log In to start participating in the conversation!