Technology news and Jobs arrow Information Technology News arrow 'Highly critical' update for OpenOffice
'Highly critical' update for OpenOffice E-mail
by Stephen Withers   
Thursday, 06 December 2007
OpenOffice 2.3.1 fixes a variety of bugs, but one of the most important concerns a vulnerability in the database engine shipped with the package.
Register now to win a Canon EOS 500D Cannon EOS 500D Digiral SLR

A flaw in the HSQLDB database engine could be exploited to execute arbitrary static Java code if an attacker could induce a user to open a maliciously crafted database document.

Secunia rates the vulnerability as 'highly critical'.

OpenOffice 2.3.1 includes HSQLDB 1.8.0.9, which fixes the issue. Any version prior to 2.3.1 should be updated. Since HSQLBD is written in Java, all supported platforms are affected.

Users of OpenOffice derivatives should either watch for a corresponding update or (if necessary) install the revised version of the database which can be downloaded via hsqldb.org.

Please enable JavaScript in your browser to post your comment!

Tags See All Tags Add New Tag...

Please Enter New Tags Separated By Comma's
  Or Close

Linux  Macintosh  Malware  Open Source  Security  Software  Stephen Withers  Windows 
Powered By Joomla Tags
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 665,005
Subscribers 14,517
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines