Trilight Zone Forum Index Trilight Zone
Privacy & Anonymity is our speciality !
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Security Flaws Haunt PDF, OpenOffice Users

 
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security
Author Message
tricore
Guest
PostPosted: Fri Jan 05, 2007 3:54 am    Post subject: Security Flaws Haunt PDF, OpenOffice Users Reply with quote
OpenOffice, the free office suite that offers an alternative to the dominant Microsoft Office software, is vulnerable to a WMF (Windows Metafile) code-execution flaw.
The bug, which is rated "highly critical" by security alerts aggregator Secunia, can be exploited by specially rigged WMF file.

"The vulnerability is caused due to integer overflows within the processor for [WMF] files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted file," Secunia warned.


In a successful attack scenario, a rigged WMF file could cause OpenOffice to execute arbitrary code when the file was opened by the target.

Secunia recommends that OpenOffice users upgrade to Version 2.1, which has been patched.

Red Hat has also shipped updates to correct the issue.

This is the second major flaw to affect OpenOffice, which supports the OpenDocument standard for data interchange. In April 2005, the open-source group was forced to rush out a fix for a buffer overflow that put users at risk of code execution attacks.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Trilight Zone Forum Index -> Security All times are GMT
Page 1 of 1

 


Powered by phpBB © 2001, 2005 phpBB Group