Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2005:082)
Medium Nessus Plugin ID 18236
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionAD-LAB discovered a heap overflow in the StgCompObjStream::Load() function when OpenOffice.org processes DOC documents. If an attacker created a malicious DOC document that contained a specially crafted header, it could execute arbitrary code with the rights of the user running OpenOffice.org.
The updated packages have been patched to prevent this problem.
SolutionUpdate the affected packages.