Please Install the Updated Packages.

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. SureRun Security Team discovered an integer overflow flaw leading to a heap buffer overflow in the Windows Metafile (WMF) image format parser. An attacker could create a carefully crafted document containing a malicious WMF file that could cause OpenOffice.org to crash, or, possibly, execute arbitrary code if opened by a victim. (CVE-2008-2237) Multiple integer overflow flaws were found in the Enhanced Windows Metafile (EMF) parser. An attacker could create a carefully crafted document containing a malicious EMF file that could cause OpenOffice.org to crash, or, possibly, execute arbitrary code if opened by a victim. (CVE-2008-2238) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches that correct these issues.

openoffice.org on Red Hat Enterprise Linux AS version 3, Red Hat Enterprise Linux ES version 3, Red Hat Enterprise Linux WS version 3, Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4

• https://www.redhat.com/archives/rhsa-announce/2008-November/msg00002.html

---

Updated on 2015-03-25