DSA-2275-1 openoffice.org -- stack-based buffer overflowID: oval:org.secpod.oval:def:600585 | Date: (C)2011-07-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
Will Dormann and Jared Allar discovered that the Lotus Word Pro import filter of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office, is not properly handling object ids in the ".lwp" file format. An attacker can exploit this with a specially crafted file and execute arbitrary code with the rights of the victim importing the file. The oldstable distribution is not affected by this problem.