remote code execution
Please Install the Updated Packages.
Several security problems were fixed in the Wordperfect converter library libwpd and OpenOffice_org: For SUSE Linux 10.1 this aligns the version with the one shipped with SUSE Linux Enterprise Desktop 10. - CVE-2007-0002: Various problems were fixed in libwpd in OpenOffice_org which could be used by remote attackers to potentially execute code or crash OpenOffice_org. This library is shipped stand-alone in openSUSE 10.2, but included in OpenOffice_org packages in previous distributions. - CVE-2007-0238: A stack overflow in the StarCalc parser could be used by remote attackers to potentially execute code by supplying a crafted document. This was reported by NGS Software to the OpenOffice team. - CVE-2007-0239: A shell quoting problem when opening URLs was fixed which could be used by remote attackers to execute code by supplying a crafted document and making the user click on an embedded link. Also support for the ODF - OpenXML converter was added to the OpenOffice_org packages.
OpenOffice_org,libwpd on SUSE LINUX 10.1, openSUSE 10.2, Novell Linux Desktop 9, SUSE SLED 10
Updated on 2015-03-25