A heap overflow was reported in openoffice.org http://www.securityfocus.com/archive/1/395516/2005-04-08/2005-04-14/0 The patch is located here: http://util.openoffice.org/source/browse/util/sot/source/sdstor/stgole.cxx?r1=1.4&r2=1.4.166.1 The upstream bug with a demo exploit is here: http://www.openoffice.org/issues/show_bug.cgi?id=46388
This issue also affects RHEL3
This issue is going to be covered by RHSA-2005:375
Created attachment 113151 [details] exploit doc for this vuln
packages attached to RHSA-2005:375 and passed rpmdiff. Awaiting QA.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-375.html