10 Jun 2008
11 Jun 2008
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
A vulnerability has been reported in OpenOffice, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an integer overflow error in "rtl_allocateMemory()" and can be exploited to cause heap-based buffer overflows via a specially crafted document.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in versions 2.0 to 2.4.
Update to version 2.4.1.
Sean Larsson, iDefense Labs