OpenOffice.org 2.0.3 fixes three security vulnerabilites that have been found through internal security audits. Although there are currently no known exploits, They urge all users of 2.0.x prior to 2.0.2 to upgrade to the new version or install their vendor’s patches accordingly. Patches for users of OpenOffice.org 1.1.5 will be available shortly.
The three vulnerabilities involve:
- Java Applets, CVE-2006-2199
- Macro, CVE-2006-2198;
A flaw with the macro mechanism could allow an atatacker to include certain macros that would be executed even if the user has disabled document macros. Such macros could potentially have access to the entire system with whatever privileges the current user has.There is no workaround for this issue
- File Format, CVE-2006-3117
A flaw in the parsing of the XML file formats allows for possible buffer overflows in specially malformed documents. The buffer overflow can crash the OpenOffice.org application and might be exploitable for arbitrary code-execution.There is no workaround for this issue.
It is possible for some Java applets to break out of the secure “sandbox” in which they are normally constrained. The applet code could potentially have access to the entire system with whatever privileges the current user has.
A workaround is provided to temporarily disable support for Java applets. Instructions are provided for both 1.1.x and 2.0.x.