openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-2652)
High Nessus Plugin ID 27136
SynopsisThe remote openSUSE host is missing a security update.
DescriptionFollowing security problems were fixed in OpenOffice_org :
CVE-2007-0002: Various problems were fixed in the Wordperfect converter library libwpd in OpenOffice_org which could be used by remote attackers to potentially execute code or crash OpenOffice_org.
CVE-2007-0238: A stack overflow in the StarCalc parser could be used by remote attackers to potentially execute code by supplying a crafted document.
CVE-2007-0239: A shell quoting problem when opening URLs was fixed which could be used by remote attackers to execute code by supplying a crafted document and making the user click on an embedded link.
Also support for the upcoming ODF - OfficeXML converter was added.
SolutionUpdate the affected OpenOffice_org packages.