Red Hat Bugzilla – Bug 217347
CVE-2006-5870 WMF heap overflow
Last modified: 2007-11-30 17:07:27 EST
The OpenOffice folks have a patch to catch corrupt wmf/emf files with out of
bounds values in the emf/wmf file. An attacker could create a malicious file in
such a way it may be able to execute arbitrary code if opened in OpenOffice by a
victim. Since this requires user interaction it is severity important.
Affects: RHEL3, RHEL4
Created attachment 142161 [details]
Any news on this update?
There's a lot of building in 5 OOos :-)
RHEL-5: openoffice_org-2.0.4-5.4.12 (bug 217348)
I suspect the embargo date should be pushed out to 12.12.2006 to match 2.1
This issue is public:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.