Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: OpenOffice 2.4.1 Out - Fixes One Vuln SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
OpenOffice 2.4.1 Out - Fixes One Vuln

OpenOffice has released 2.4.1 which fixes a heap overflow problem that allows attackers to craft malicious OpenOffice documents that can execute arbitrary code.  (See their bulletin). The vulnerability is complicated by the platform independent nature of OpenOffice, but that just means someone has to write several versions of malicious files to ensure infected a variety of operating systems.  Advice is, as always, update to the latest version.

John Bambenek / bambenek \at\ gmail |dot| com


258 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!