OpenOffice 3.2 Fixes Several Vulnerabilities
The latest version of OpenOffice fixes several vulnerabilities that could cause a computer to become compromised by a remote attacker. OpenOffice.org has issued version 3.2, which adds a lengthy list of new features and improves the suite's overall performance while also fixing six vulnerabilities.
Three of those problems could allow a remote attacker to execute code. In one of those cases, a malicious XPM file -- a type of image format supported by ODF (OpenDocument Format) -- could be maliciously crafted and allow remote user to execute other code on the computer with the same privileges as the local user.
The suite had a similar vulnerability involving the GIF image format, which has also been fixed. The third vulnerability could allow an attacker to take over a PC by getting a user to open a maliciously crafted Microsoft Word document. All three of those vulnerabilities affect all versions of OpenOffice.org prior to version 3.2.