Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

ADVISORIES

OpenOffice Users Urged to Install Patches

- Multiple vulnerabilities spotted in OpenOffice

By: Bogdan Popa, Security and Search Engines Editor

OpenOffice has always been a pretty popular application, especially thanks to the fact that it offers a freeware alternative to Microsoft Office, the suite of tools
dubbed the most powerful solution in its category. Because of the freeware license but of numerous other advanced features, Microsoft Office quickly gained a large audience, millions of users downloading and installing it on Windows, Linux and Mac systems. However, according to recent reports, these users have to patch their OpenOffice installation in order to remain on the safe side, due to multiple heap based buffer overflow vulnerabilities spotted in the application.

According to SecurityFocus, a successful exploitation could be started through a malicious ODF, Quattro Pro, EMF or OLE file, opened on a vulnerable system. Although the mentioned vulnerabilities affect most OpenOffice versions, you're advised to update to the latest release and keep an eye on the news to find out exactly when a new patch is available.

"OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service," SecurityFocus mentioned in the notification published today.

At this time, there's no official confirmation of a successful exploit but users should apply the updates as soon as possible in order to avoid potential attacks. This is quite a general security measure, so if you think that you may have unpatched software on your computer, hurry up and update it.

In case you want to download the latest version of OpenOffice, the one which is dubbed to the most secure, you can find it right here on Softpedia.

MORE RELATED ARTICLES: Best Ten Open Source Desktop Applications of 2007 OpenOffice Accessible through Your Browser NeoOffice Is More Secure than Anytime Before Hey, OpenOffice Users, Update Your Application NOW!
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

TAGS: openoffice security vulnerability flaw patch

18th April 2008, 08:26 GMT | Copyright (c) 2008 Softpedia | Contact:
Read by 506 user(s) | Rating: | 8 vote(s) so far | Cast your vote:
OpenOffice Users Urged to Install Patches - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT OpenOffice Users Urged to Install Patches

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive