Ubuntu Security Notice 609-1 - It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges.
c38f3f985ebc83c65928bb7d71bee2febda5aa6a848aa40aaf78da2c6ea8c16aMandriva Linux Security Advisory - Multiple vulnerabilities have been address in OpenOffice including arbitrary java code execution and multiple heap overflows.
53aad6dc18f2ecc79021c30d6f9fd0d42f1897ff8d5dce9466ce7ff17c3237e6Gentoo Linux Security Advisory GLSA 200712-25 - The HSQLDB engine, as used in Openoffice.org, does not properly enforce restrictions to SQL statements. Versions less than 2.3.1 are affected.
1e53e32e33582247af57b2f25aa112d8a309e06fb922229c61f1d6eb821cf84fDebian Security Advisory 1419-1 - A vulnerability has been discovered in HSQLDB, the default database engine shipped with OpenOffice.org. This could result in the execution of arbitrary Java code embedded in a OpenOffice.org database document with the user's privilege. This update requires an update of both openoffice.org and hsqldb.
c16330dba85aa9cc4f0f76fb8674472566d62d50cb9be41f7f80f5c8f1b448b7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed