In association with heise online

17 April 2008, 12:45

Details of security fixes in OpenOffice 2.4

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In version 2.4 of the OpenOffice open-source office package, which appeared some three weeks ago, the developers have plugged some critical security holes. In order to give developers of products based on OpenOffice the opportunity to eliminate the problems too, they have only now published security advisories about the vulnerabilities.

All OpenOffice versions before 2.4 can come unstuck while processing manipulated ODF files with XForms, as a result of which injected code can be executed. OpenOffice versions from 1.1 to 2.3.1 also have problems when opening crafted Quattro Pro, EMF and OLE files that can allow execution of malicious code. No further details about these vulnerabilities are being given by the OpenOffice developers.

Users of OpenOffice should update to version 2.4 as soon as possible, if they have not already done so. They should not use older versions of OpenOffice to open unrequested documents or those not coming from trusted sources.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit