Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 18 Apr 2008 15:52:49 -0500 Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for openoffice.org on SL3.x, SL4.x i386/x86_64 Comments: To: " This email address is being protected from spambots. You need JavaScript enabled to view it. "Synopsis: Important: openoffice.org security update Issue date: 2008-04-17 CVE Names: CVE-2007-5746 CVE-2008-0320 A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) SL 3.0.x SRPMS: openoffice.org-1.1.2-41.2.0.EL3.src.rpm i386: openoffice.org-1.1.2-41.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-41.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-41.2.0.EL3.i386.rpm x86_64: openoffice.org-1.1.2-41.2.0.EL3.i386.rpm openoffice.org-i18n-1.1.2-41.2.0.EL3.i386.rpm openoffice.org-libs-1.1.2-41.2.0.EL3.i386.rpm SL 4.x SRPMS: openoffice.org-1.1.5-10.6.0.3.EL4.src.rpm i386: openoffice.org-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-kde-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-libs-1.1.5-10.6.0.3.EL4.i386.rpm x86_64: openoffice.org-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-i18n-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-kde-1.1.5-10.6.0.3.EL4.i386.rpm openoffice.org-libs-1.1.5-10.6.0.3.EL4.i386.rpm -Connie Sieh -Troy Dawson