A vulnerability in OpenOffice Impress could cause memory corruption.
Package | app-office/openoffice-bin on all architectures |
---|---|
Affected versions | < 4.1.3 |
Unaffected versions | >= 4.1.3 |
Apache OpenOffice is an open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more.
An exploitable out-of-bounds vulnerability exists in OpenOffice Impress when handling MetaActions.
A remote attacker could entice a user to open a specially crafted OpenDocument Presentation .ODP or Presentation Template .OTP file using OpenOffice Impress, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All OpenOffice users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-office/openoffice-bin-4.1.3"
Release date
March 19, 2017
Latest revision
March 19, 2017: 1
Severity
normal
Exploitable
remote
Bugzilla entries