Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A new security update has been released for open source productivity suite OpenOffice.org.The latest version of the suite includes fixes for six security vulnerabilities, four of which could potentially be exploited for arbitrary code execution. The other two flaws could potentially be used to bypass authentication protections.OpenOffice.org said that the two authorisation flaws occurred in the libxml2 and libxmlsec components. The flaws left the two libraries unable to properly examine and authorise file signatures.Among the four remote code execution flaws were vulnerabilities in the handling or XPM and GIF files. The organisation warned that attackers could potentially target vulnerable systems by embedding the attack files within ODF documents.Another remote code flaw exists in the component used to load Microsoft Word files within OpenOffice.org. The organisation warned that attackers could target the flaw with specially-crafted Word documents.Also addressed in the update is a fix for a remote code execution vulnerability in the MSVC Runtime component bundled with the suite. The organisation said that while OpenOffice.org itself was not vulnerable to attack, the component could be targeted through other applications.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.