(RHSA-2007:0069) Important: openoffice.org security update

2007-03-22T04:00:00
ID RHSA-2007:0069
Type redhat
Reporter RedHat
Modified 2017-09-08T12:05:13

Description

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.

John Heasman discovered a stack overflow in the StarCalc parser in OpenOffice. An attacker could create a carefully crafted StarCalc file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-0238)

Flaws were discovered in the way OpenOffice.org handled hyperlinks. An attacker could create an OpenOffice.org document which could run commands if a victim opened the file and clicked on a malicious hyperlink. (CVE-2007-0239)

All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported fix to correct this issue.