Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2004:103)
Low Nessus Plugin ID 14840
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability in OpenOffice.org was reported by pmladek where a local user may be able to obtain and read documents that belong to another user. The way that OpenOffice.org created temporary files, which used the user's umask to create the file, could potentially allow for other users to have read access to the document (again, dependent upon the user's umask).
The updated packages have been patched to prevent this problem.
SolutionUpdate the affected packages.