Trio of security holes found in OpenOffice

By

Open source app becomes a little more like its Microsoft counterpart.

Trio of security holes found in OpenOffice
OpenOffice users have been warned to be vigilant following the disclosure of three vulnerabilities in the popular open source alternative to Microsoft Office. 

Security firm Secunia classified the trio of vulnerabilities as 'highly critical', the company's second-highest alert level. 

The vulnerabilities could be exploited to cause anything from a denial-of-service attack to remote execution of code.

The first vulnerability lies in the StarCalc spreadsheet component of OpenOffice. An attacker could use a specially-crafted StarCalc file to exploit the vulnerability and remotely execute code on a user's system.

Discovery of the vulnerability has been credited to security firm

The second vulnerability, first reported by research firm iDefense, lies in the component of OpenOffice that handles WordPerfect (.wpd) files. 

If a user can be persuaded to open a specially-crafted .wpd file, an exploit could be triggered to allow an attacker to remotely execute malware, according to an iDefense advisory

The third vulnerability could allow an attacker to execute arbitrary shell commands within OpenOffice.

Linux developer group Debian said that a user who clicked on a link within a specially-crafted document would be vulnerable to the attack. 

Secunia has urged users to avoid opening suspicious OpenOffice files.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?