Many OpenOffice.org users have felt secure in using OpenOffice.org to open
Microsoft Office files, assuming that the malware that attacks Microsoft
Office would not affect the OpenOffice.org suite.
That may well be true, but it looks like the OpenOffice.org suite has a
problem of its own. The OpenOffice.org suite has a vulnerability in its
handling of .doc files. The flaw was discovered at the end of
March, and was reported to the full-disclosure
mailing list on Monday. The vulnerability affects the 1.1.4 and 2.0
series of the OpenOffice.org suite. It's unclear whether the vulnerability
affects StarOffice, but it seems likely that it would.
According to the Secunia
advisory the problem is a boundary error in the
StgCompObjStream::Load()" function used to process .doc
files. Theoretically, this vulnerability could be exploited to execute code in
almost all versions of OpenOffice.org if a user opens a specially-crafted document.
The vulnerability has been labeled
"moderately critical" by Secunia, because it could allow a system to be
compromised, but requires user interaction.
We touched base with OpenOffice.org community manager Louis Suarez-Potts
about the bug. According to Suarez-Potts, work "began
immediately" when the vulnerability was discovered, and the project
is testing the patch on all platforms and languages supported by the
At this time, Suarez-Potts says that the project is not aware of any
real-world exploits of this vulnerability. The vulnerability exists on all
platforms, but he said that he has "no idea" if it would be
possible to craft a document to do something harmful on all platforms, or if
it would only be possible to target one platform with a malformed .doc
It does seem likely that the OpenOffice.org project will be targeted more
frequently by malware authors as it gains in popularity, though
Suarez-Potts says that OpenOffice.org is "not as fun a target as
This should serve as a cautionary tale for users of the OpenOffice.org
suite. While this particular vulnerability was discovered before any
exploits appeared in the wild, it's possible that exploits for future
vulnerabilities could appear before the first report. Even
though OpenOffice.org has a much better track record than Microsoft Office,
users should exercise caution when opening any document from an untrusted
The LWN vulnerability database entry
for this bug will track updates as they become available.
to post comments)