Language Selection

English French German Italian Portuguese Spanish

OpenOffice Confirms Buffer Overflow Flaw

Filed under
Security

The OpenOffice.org community on Tuesday confirmed the existence of a potentially serious heap-overflow vulnerability in its freely distributed office productivity suite.

The flaw affects OpenOffice Version 1.1.4 and prior and OpenOffice Version 2.0-dev and prior and could put users at risk of code execution attacks.

OpenOffice.org community manager Louis Suarez-Potts confirmed that the vulnerability was discovered in the "StgCompObjStream::Load()" function and occurs when handling a specially crafted ".doc" file.

This could potentially be exploited by attackers to compromise a vulnerable system by convincing a user to open a malicious document with an unpatched application.

"We learned of this March 31 and will be working on it immediately. A patch is ready but it is still going through [quality assurance] testing," Suarez-Potts told eWEEK.com. The update is expected to be available for general download within two days.

Full Story.

More in Tux Machines

SUSE Linux Enterprise 12 SP2 to Ship with GNOME 3.20, Public Beta Out Now

Today, June 30, 2016, SUSE has had the great pleasure of announcing the availabilty of a public beta release of its upcoming, commercial SUSE Linux Enterprise 12 Service Pack 2 operating system. Read more

Review: Linux Mint 18 (Sarah)

Portugal vs Poland Live Stream Poland vs Portugal Live Streaming

Review: Linux Mint 18 (Sarah)

If you were looking to jump the Ubuntu ship completely, then we recommend taking a look at our recent Review of Fedora 24. It’s equally as good as Mint 18 and equally worthy of your consideration. Between Linux Mint 18 and Fedora 24, we reckon it’s exciting times in the Linux world. With the exception and onset of the boring world of vanilla Ubuntu releases, Linux feels reinvigorated and fresh once again. Jump on board, because it can only get better from here. Read more

Security Leftovers