Exploitable Buffer Overflow in OpenOffice.org 64
Memorize writes "It turns out that OpenOffice.org can't read MS Office documents safely, either. A buffer overflow in OpenOffice.org has been confirmed and would allow an attacker to write a specially-constructed .doc file that will take control over an OpenOffice.org user's machine. This vulnerability is exploitable and it exists on every computer with OpenOffice 1.14 or 2.0b installed. OpenOffice.org will have a fix ready within days, but how quickly will Linux users patch? This paves the way for Linux users to be vulnerable to a virus that spreads by sending itself as email attachments which unsuspecting users then open. Could the first real Linux virus be drawing near?" Not from the sound of it: the article says that users would still have to be convinced "to open a malicious document with an unpatched application."
Re:A security hole by any other name... (Score:5, Interesting)
I would guess that generally speaking though, Linux users are a tad more tech-savvy than the Windows users, at least at this point. Not because of any bias, but simply because the majority of Linux users currently are the tech-oriented, as they are always amongst the first adopters of new technology.
Already fixed in openoffice-ximian for Gentoo (Score:3, Interesting)
Yeah, I'm a fanboy.
Re:Already fixed in openoffice-ximian for Gentoo (Score:3, Interesting)
Yeah, I'm a fanboy too.