Advertisement
Promo

Security threats Toolkit

OpenOffice hit by 'highly critical' vulnerability

Richard Thurston ZDNet.co.uk

Published: 05 Jan 2007 12:22 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

OpenOffice.org has patched a critical vulnerability in the open-source application suite.

The vulnerability concerns the way OpenOffice handles .wmf images. Exploitation of the vulnerability, which affects all but the newest version of OpenOffice, can enable a hacker to perform a buffer overflow and then introduce malicious code to the victim's PC.

Security advisor Secunia rates the vulnerability as "highly critical", and it has urged users to patch their systems.

OpenOffice has uploaded the patch to its website. Users must manually install the file in place of its vulnerable predecessor, or upgrade to the latest version of the software, OpenOffice 2.1. Open-source suppliers such as Red Hat have followed suit by releasing their own patches.

OpenOffice has become increasingly popular as a free alternative to Microsoft's Office suite. It contains all the standard business applications, including word processing, database and spreadsheet programmes.

Although this is the first .wmf vulnerability to hit OpenOffice, such flaws have been a thorn in the side for Windows.

In early 2006, Microsoft acknowledged a critical weakness in the way Windows renders .wmf files, leading to the company releasing patches out of cycle. The UK parliament was attacked at the time using the vulnerability.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
134 out of 156 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:








Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters