The flaws fixed in OpenOffice.org 3.2 could be exploited via GIF, XPM files and Microsoft Word document processing, according to an advisory released by the open-source group.
Here’s the skinny of the vulnerabilities:
- CVE-2006-4339: Potential
vulnerability from 3rd party libxml2 libraries
- CVE-2009-0217: Potential
vulnerability from 3rd party libxmlsec libraries
- CVE-2009-2493: OpenOffice.org 3
for Windows bundles a vulnerable version of MSVC Runtime
- CVE-2009-2949: Potential
vulnerability related to XPM file processing
- CVE-2009-2950: Potential
vulnerability related to GIF file processing
- CVE-2009-3301/2: Potential
vulnerability related to MS-Word document processing
OpenOffice.org users are strongly urged to download and apply the patches.