[relug] [sempre da /.] Exploitable Buffer Overflow in OpenOffice.org
- From: Daniele Menozzi <menoz@xxxxxx>
- To: relug@xxxxxxxxxxxxx
- Date: Fri, 15 Apr 2005 10:06:04 +0200
Va bene tutto, ma non un attaco subito a causa di un .doc :(
[0]Memorize writes "It turns out that OpenOffice.org can't read MS Office
documents safely, either. A [1]buffer overflow in OpenOffice.org has been
confirmed and would allow an attacker to write a specially-constructed
.doc file that will take control over an OpenOffice.org user's machine.
This vulnerability is exploitable and it exists on every computer with
OpenOffice 1.14 or 2.0b installed. OpenOffice.org will have a fix ready
within days, but how quickly will Linux users patch? This paves the way
for Linux users to be vulnerable to a virus that spreads by sending
itself as email attachments which unsuspecting users then open. Could the
first real Linux virus be drawing near?" Not from the sound of it: the
article says that users would still have to be convinced "to open a
malicious document with an unpatched application."
Discuss this story at:
http://it.slashdot.org/comments.pl?sid=05/04/14/1751256
Links:
0. http://chiralsoftware.net/education
1. http://www.eweek.com/article2/0,1759,1785154,00.asp
--
Free Software Enthusiast
Debian Powered Linux User #332564
http://shine.homelinux.org
Other related posts:
- » [relug] [sempre da /.] Exploitable Buffer Overflow in OpenOffice.org
