OpenOffice issued a WMF/EMF code execution fix
It appears that new OpenOffice.org security update has been released.
Red Hat adivsory is located here (rated as Important):
And what the RHSA-2007:0001-3 states:
Several integer overflow bugs were found in the OpenOffice.org WMF file
processor. An attacker could create a carefully crafted WMF file that could
cause OpenOffice.org to execute arbitrary code when the file was opened by
a victim. (CVE-2006-5870)
CVE link listed is not accessible yet.
Update: Link to the CVE.
More details available via Bugzilla Bug 217347 (CVE-2006-5870 WMF heap overflow) opened in November. Related OpenOffice Issue 70042 document opened on 2nd Oct is located at www.openoffice.org/issues/show_bug.cgi?id=70042.
Both 1.1.x and 2.x versions are affected and this patch should be obtained.
These vulnerabilities are reported in OpenOffice prior to version 2.1.0.
The previous remarkable ‘OOo’ update was released in June.
Update: StarOffice versions 6, 7 and 8 are affected too. Link to the short advisory of NGSSoftware: