فا

‫ Apache OpenOffice Information Disclosure and Command Injection Vulnerabilities

IRCAD2014083480

ID: IRCAD2014083480

Release Date: 2014-08-25

Criticality level: Highly critical

Software:
Apache OpenOffice 4.x
Description:

Two vulnerabilities have been reported in Apache OpenOffice, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.

1) An error when loading Calc spreadsheets can be exploited to inject arbitrary commands.

2) An error when generating OLE previews can be exploited to embed arbitrary file data into a document.

The vulnerabilities are reported in versions 4.1.0 and prior running on Windows.

Solution

Update to version 4.1.1.

References:

Apache OpenOffice:

Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 11 شهریور 1393

امتیاز

امتیاز شما
تعداد امتیازها:0