To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=95583 Issue #|95583 Summary|Integer Overflow vulnerability in rtl_allocateMemory() Component|framework Version|OOo 3.0 Platform|All URL| OS/Version|Windows, all Status|UNCONFIRMED Status whiteboard| Keywords| Resolution| Issue type|PATCH Priority|P5 Subcomponent|code Assigned to|tm Reported by|sysop9001
------- Additional comments from [EMAIL PROTECTED] Wed Oct 29 12:09:20 +0000 2008 ------- A security vulnerability in the custom memory allocation function from OpenOffice.org may lead to heap overflows and allow a remote unprivileged user who provides a OpenOffice.org document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running OpenOffice.org. Just like a security report post here http://www.openoffice.org/security/cves/CVE-2008-2152.html Version affected 3.0 language downloaded and installed Italian Platform used Windows Vista Home Premium 32 Bit Affected files soffice.exe and soffice.bin --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]