OpenOffice TIFF security vulnerability

Here's another reason for OpenOffice users to upgrade to the latest version. ZDNet reports today that security researchers iDefense have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice, which could allow attackers to remotely execute code on Linux, Windows or Mac PCs. iDefense says OpenOffice versions 2.0.4 and earlier are vulnerable to maliciously crafted TIFF files, which could be delivered via email attachment, published on a Web site or shared using P2P software. The latest version of OpenOffice (version 2.3) was released on 17 September and is not affected by the flaw.

OpenOffice TIFF flaw affects Windows, Linux and Mac [ZDNet]


Comments

    It's a very good point about OpenOffice's vulnerabilities to exploitations through image files, as many other commercial software products have been susceptible to for years.

    That said, since when was OO.o an operating system?

    Um... look over there! A yeti!
    /edits.

    Thanks for pointing out that goof. :)

Join the discussion!

Trending Stories Right Now