OpenOffice Zaps Six Security Bugs

2010-02-18T15:09:00
ID OPENOFFICE-ZAPS-SIX-SECURITY-BUGS-021810/73556
Type threatpost
Reporter Ryan Naraine
Modified 2013-04-17T16:37:48

Description

OpenOffice.org has shipped a new version of the desktop productivity suite to patch six vulnerabilities that could expose users to malicious hacker attacks.

The flaws fixed in OpenOffice.org 3.2 could be exploited via GIF, XPM files and Microsoft Word document processing, according to an advisory released by the open-source group.

Related Posts

Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs

September 1, 2016 , 11:52 am

FBI Warned State Election Board Systems of Hacks

August 29, 2016 , 5:40 pm

Juniper Acknowledges Equation Group Targeted ScreenOS

August 22, 2016 , 1:52 pm

Here’s the skinny of the vulnerabilities:

  • CVE-2006-4339: Potential
    vulnerability from 3rd party libxml2 libraries
  • CVE-2009-0217: Potential
    vulnerability from 3rd party libxmlsec libraries
  • CVE-2009-2493: OpenOffice.org 3
    for Windows bundles a vulnerable version of MSVC Runtime
  • CVE-2009-2949: Potential
    vulnerability related to XPM file processing
  • CVE-2009-2950: Potential
    vulnerability related to GIF file processing
  • CVE-2009-3301/2: Potential
    vulnerability related to MS-Word document processing

OpenOffice.org users are strongly urged to download and apply the patches.