Language Selection

English French German Italian Portuguese Spanish

OpenOffice Confirms Buffer Overflow Flaw

Filed under
Security

The OpenOffice.org community on Tuesday confirmed the existence of a potentially serious heap-overflow vulnerability in its freely distributed office productivity suite.

The flaw affects OpenOffice Version 1.1.4 and prior and OpenOffice Version 2.0-dev and prior and could put users at risk of code execution attacks.

OpenOffice.org community manager Louis Suarez-Potts confirmed that the vulnerability was discovered in the "StgCompObjStream::Load()" function and occurs when handling a specially crafted ".doc" file.

This could potentially be exploited by attackers to compromise a vulnerable system by convincing a user to open a malicious document with an unpatched application.

"We learned of this March 31 and will be working on it immediately. A patch is ready but it is still going through [quality assurance] testing," Suarez-Potts told eWEEK.com. The update is expected to be available for general download within two days.

Full Story.

More in Tux Machines

Firefox OS heading for Africa — and the U.S. too

Orange announced a $40 “Klif” Firefox OS phone for Africa, and Mozilla says it’s working with Verizon Wireless and others on Firefox OS feature phones. There’s still no evidence that Mozilla’s HTML-focused Firefox OS has made much of a dent in the world smartphone market, where it has been focused on low-end devices sold primarily to emerging markets. Yet, Firefox OS still leads the way among upstart, Linux-based mobile operating systems, and will soon be available in more than 40 markets, this year, on a total of 17 smartphones, according to its latest stats. Meanwhile, the very first Tizen (Samsung Z1) and Ubuntu (BQ Aquaris E4.5) phones have only just shipped, and Jolla’s Sailfish OS based Jolla phones are still mostly limited to Europe. Read more

Why large companies use open source ERP

The main reason larger companies use open source Enterprise Resource Planning (ERP) systems is because they are cheaper and easier to customize. Read more

‘Governments should have a free software policy’

Governments must have policies that increase their use of free and open source software solutions, says Professor Dr Wolfgang Finke from the Ernst-Abbe University of Applied Sciences in Jena (Germany). In many countries, the use of proprietary software might be unsustainable in the long-term, he says, “either from a technical or from a financial point of view.” Read more

Linux Remote Desktop Roundup

Over the years I've found that a significant hurdle to getting family and friends to switch to Linux comes from its lack of familiarity. This is especially true when it comes to troubleshooting any issues. Obviously, when a malfunction occurs it's not always possible to be there in person. However thanks to the wonders of broadband Internet and advanced software, we're now able to do the next best thing. In this article, I'll share some recommended remote desktop software for Linux. I’ll explore both open source and closed source solutions. Read more