ADMIN - Explore the new world of system administration! Special introductory offer! Order by September 30th to save 10% off the regular subscription price! Each issue delivers technical solutions to the real-world problems you face every day. Learn the latest techniques for better:
network security
system management
troubleshooting
performance tuning
virtualization
cloud computing
on Windows, Linux, Solaris, and popular varieties of Unix.
An unknown software researcher discovered a highly critical vulnerability in the Star Office package. Manufacturer Sun has released patches to resolve the issue.
Attackers could use a carefully crafted TIFF file to exploit the vulnerability (CVE-2007-2834) in Star Office. If a user opened the file, it would trigger a buffer overflow that would allow the attacker to run arbitrary code on the machine and corrupt the victim's operating system.
The error affects versions 6, 7 and the current Star Office 8 on the Solaris, Linux and Windows platforms. Earlier versions are not affected says Sun. Patches for various versions and systems are available for downloading from Sun Support. Due to the severity of the bug an immediate update is recommended.
Open Office, which uses the same code base, was also affected by the issue. Version 2.3, which was released September 17, fixed the bug. Users with earlier versions should update to 2.3 as soon as possible.
Comments