openoffice -- arbitrary code execution vulnerabilities

2008-10-29T00:00:00
ID 842BAFDD-BE2F-11DD-A578-0030843D3802
Type freebsd
Reporter FreeBSD
Modified 2008-10-29T00:00:00

Description

The OpenOffice Team reports:

A security vulnerability with the way OpenOffice 2.x process WMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite. No working exploit is known right now.

A security vulnerability with the way OpenOffice 2.x process EMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite. No working exploit is known right now.