Security website Secunia rated the vulnerabilities as 'moderately critical', its third most severe designation on a five-step scale.
The first flaw is a vulnerability in the way that the suite handles Java applets, which could provide an attacker with full access to a system through a specially crafted Java application.
This could lead to data loss or disclosure of sensitive data, or cause additional security issues, Openoffice.org warned in a security advisory.
A second vulnerability could allow an attacker to take control of a system by embedding basic code into a document. The code would be executed on loading the document without warning the user.
The last vulnerability could cause a buffer overflow through the use of a malformed XML document. The flaw could also allow an attacker to take control of a system.
OpenOffice.org credited a vulnerability researcher at NGS Software for discovering the XML vulnerability.
The vulnerabilities affect OpenOffice versions 2 and 1.1.5. An update for version 2 is available for download now. A patch for the previous version will be released shortly.
_(28).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
iTnews Benchmark Awards 2026
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
