openoffice.org: arbitrary code execution
| Package(s): | openoffice.org | CVE #(s): | CVE-2008-2366 | ||||
| Created: | June 16, 2008 | Updated: | June 18, 2008 | ||||
| Description: | From the Red Hat advisory: It was discovered that certain libraries in the Red Hat Enterprise Linux 3 and 4 openoffice.org packages had an insecure relative RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. A local user able to convince another user to run OpenOffice in an attacker-controlled directory, could run arbitrary code with the privileges of the victim. (CVE-2008-2366) | ||||||
| Alerts: |
| ||||||