John Heasman discovered a heap overflow in the routines of OpenOffice.org that parse RTF files. A specially crafted RTF file could cause the filter to overwrite data on the heap, which may lead to the execution of arbitrary code. For the old stable distribution (sarge) this problem has been fixed in version 1.1.3-9sarge7. For the stable distribution (etch) this problem has been fixed in version 2.0.4.dfsg.2-7etch1. For the unstable distribution (sid) this problem has been fixed in version 2.2.1~rc1-1. We recommend that you upgrade your openoffice.org packages.
John Heasman discovered a heap overflow in the routines of OpenOffice.org that parse RTF files. A specially crafted RTF file could cause the filter to overwrite data on the heap, which may lead to the execution of arbitrary code.
For the old stable distribution (sarge) this problem has been fixed in version 1.1.3-9sarge7.
For the stable distribution (etch) this problem has been fixed in version 2.0.4.dfsg.2-7etch4.
For the unstable distribution (sid) this problem has been fixed in version 2.2.1~rc1-1.
We recommend that you upgrade your openoffice.org packages.
MD5 checksums of the listed files are available in the original advisory.