Description: | OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.
Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747)
A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746)
A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
|