openoffice.org - arbitrary code execution

Several vulnerabilities have been discovered in the OpenOffice.org
office suite. The Common Vulnerabilities and Exposures project
identifies the following problems:

• CVE-2009-0200
  Dyon Balding of Secunia Research has discovered a vulnerability,
  which can be exploited by opening a specially crafted Microsoft
  Word document.

When reading a Microsoft Word document, a bug in the parser of
sprmTDelete records can result in an integer underflow that may
lead to heap-based buffer overflows.

Successful exploitation may allow arbitrary code execution in the
context of the OpenOffice.org process.

• CVE-2009-0201
  Dyon Balding of Secunia Research has discovered a vulnerability,
  which can be exploited by opening a specially crafted Microsoft
  Word document.

When reading a Microsoft Word document, a bug in the parser of
sprmTDelete records can result in heap-based buffer overflows.

Successful exploitation may allow arbitrary code execution in the
context of the OpenOffice.org process.

• CVE-2009-2139
  A vulnerability has been discovered in the parser of EMF files of
  OpenOffice/Go-oo 2.x and 3.x that can be triggered by a specially
  crafted document and lead to the execution of arbitrary commands
  the privileges of the user running OpenOffice.org/Go-oo.

This vulnerability does not exist in the packages for oldstable,
testing and unstable.

For the old stable distribution (etch) these problems have been fixed in
version 2.0.4.dfsg.2-7etch7.

For the stable distribution (lenny) these problems have been fixed in
version 2.4.1+dfsg-1+lenny3 and higher.

For the unstable (sid) and testing (squeeze) distribution these
problems have been fixed in version 3.1.1~ooo310m15-1.

We recommend that you upgrade your Openoffice.org package.