HomeMalware Attacks
February 18, 2010, 10:09AM

OpenOffice Zaps Six Security Bugs

OpenOffice.org has shipped a new version of the desktop productivity suite to patch six vulnerabilities that could expose users to malicious hacker attacks.

The flaws fixed in OpenOffice.org 3.2 could be exploited via GIF, XPM files and Microsoft Word document processing, according to an advisory released by the open-source group.

Here's the skinny of the vulnerabilities:

  • CVE-2006-4339: Potential vulnerability from 3rd party libxml2 libraries
  • CVE-2009-0217: Potential vulnerability from 3rd party libxmlsec libraries
  • CVE-2009-2493: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime
  • CVE-2009-2949: Potential vulnerability related to XPM file processing
  • CVE-2009-2950: Potential vulnerability related to GIF file processing
  • CVE-2009-3301/2: Potential vulnerability related to MS-Word document processing

OpenOffice.org users are strongly urged to download and apply the patches.

Recommended Reads


Shorten URL: http://threatpost.com/en_us/3f1. Click to copy to clipboard or post to Twitter

Comments

Submitted by Anonymous (not verified) on Mon, 02/22/2010 - 1:24pm.

I followed the link to their site and found no patches, only the original 3.2.0 download. When are the updates supposed to be available?  Thanks!

Submitted by haslamjd (not verified) on Mon, 02/22/2010 - 1:37pm.

The vulnerabilities mentioned were updated in release 3.2. Download the new version 3.2 to be protected. I followed the links of each issue and they each mentioned that 3.2 fixed the problem. So, I guess to answer your post, the updates are available by downloading 3.2 and replacing your last version.

Submitted by saddique (not verified) on Tue, 02/23/2010 - 12:48pm.

i need to clean my computer

Post new comment

The content of this field is kept private and will not be shown publicly.

Kaspersky Lab Channel and Alliance Partners

 

Copyright © 2010 threatpost.com | Terms of Service | Privacy