All the latest UK technology news, reviews and analysis

OpenOffice patches three security holes

by Tom Sanders in California

03 Jul 2006

Be the first to comment

  • Tweet this
OpenOffice.org has released an update for its open source productivity suite that plugs three security vulnerabilities
The vulnerabilities affect OpenOffice versions 2 and 1.1.5

OpenOffice.org has released an update for its open source productivity suite that plugs three security vulnerabilities.

Security website Secunia rated the vulnerabilities as 'moderately critical', its third most severe designation on a five-step scale.

The first flaw is a vulnerability in the way that the suite handles Java applets, which could provide an attacker with full access to a system through a specially crafted Java application.

This could lead to data loss or disclosure of sensitive data, or cause additional security issues, Openoffice.org warned in a security advisory

A second vulnerability could allow an attacker to take control of a system by embedding basic code into a document. The code would be executed on loading the document without warning the user.

The last vulnerability could cause a buffer overflow through the use of a malformed XML document. The flaw could also allow an attacker to take control of a system.

OpenOffice.org credited a vulnerability researcher at NGS Software for discovering the XML vulnerability. 

The vulnerabilities affect OpenOffice versions 2 and 1.1.5. An update for version 2 is available for download now. A patch for the previous version will be released shortly.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

Cern Control Centre building

CERN powers up Large Hadron Collider in final search for Higgs Boson

hp-z1-workstation-pc

HP takes wraps off all in one Z1 workstation

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

C++ Market Making Developer - Prop Trading

A leading US Prop Trading House/Market Maker is currently...

Senior Project Manager

A leading financial services group has an urgent requirement...

UI Developer - CSS, HTML, JavaScript with .NET Exposure

UI Developer Wanted - CSS, HTML, JavaScript with .NET...

Java Developer

Java Developer - Gloucestershire - £35-40k per annum...

To send to more than one email address, simply separate each address with a comma.