Impact
local privilege escalation
Solution
Please install the updated packages.
Insight
This update of OpenOffice fixes various critical security vulnerabilities:
- heap-overflow when parsing PPT files CVE-2008-0320
- various buffer-overflows while parsing QPRO files CVE-2007-5745, CVE-2007-5747 (NLD9 not affected)
- integer overflow while parsing EMF files CVE-2007-5746
- out-of-bound memory access and a heap-overflow in the regex engine of libICU CVE-2007-4771 (NLD9 not affected)
These vulnerabilities can only be exploited remotely with user-assistance and in conjunction with other software receiving OOo documents over the network (like a kmail attachment).
Please note that users of SLED10-SP1 that installed the OOo-2.4 update already have the fixes.
Affected
OpenOffice_org on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, Novell Linux Desktop 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2007-4770, CVE-2007-4771, CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C