OpenOffice has its vulnerabilities too

More information available at Security Bulletin 2006-06-29.

They use CVEs to identify three separate issues.

* Java Applet sandbox restriction bypass issue is openoffice.org/security/CVE-2006-2199.html.
Disabling support for Java Applets is a workaround provided.

* Issue related to BASIC macros is openoffice.org/security/CVE-2006-2198.html, in turn.

* And finally, flaws in XML documents handling are being covered at openoffice.org/security/CVE-2006-3117.html.
Credits goes to Wade Alcorn of NGSSoftware, see advisory here.

It is worth of mentioning that both 1.1.x and 2.0.x releases are affected. Fixes for version 1.1.5 are not available yet, however. But they will be released soon.

Update: Sun StarOffice and StarSuite are affected to these issues too.
Details available at Sun security advisories.

Share