SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 2651)
High Nessus Plugin ID 29365
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionFollowing security problems were fixed in OpenOffice_org :
This update also brings OpenOffice_org to version 188.8.131.52, same as SUSE Linux Enterprise Desktop 10 and contains lots of bugfixes.
It also contains support for the Office XML converter hooks.
- Various problems were fixed in the Wordperfect converter library libwpd in OpenOffice_org which could be used by remote attackers to potentially execute code or crash OpenOffice_org. (CVE-2007-0002)
- A stack overflow in the StarCalc parser could be used by remote attackers to potentially execute code by supplying a crafted document. (CVE-2007-0238)
- A shell quoting problem when opening URLs was fixed which could be used by remote attackers to execute code by supplying a crafted document and making the user click on an embedded link. (CVE-2007-0239)
SolutionApply ZYPP patch number 2651.