OpenOffice patches trio of holes

OpenOffice.org has released a patch for three security vulnerabilities in its popular open source office suite.

Maliciously crafted Java applets can break out of the sandbox - the security mechanism that runs untrusted code - in OpenOffice.org versions 1.1.x, and 2.0.x, the company said in a bulletin. This could give the malware full access to systems, allowing it to read or send private data, and destroy or replace files.

The second hole enables hackers to inject executable code into OpenOffice documents using a macro, which runs when that document is opened. The user is not asked or notified, and the macro has full access to system resources with current user's privileges, again enabling it to read or send private data, and destroy or replace files.

A buffer overflow vulnerability has also been discovered, by Wade Alcorn of NGSSoftware. The buffer overflow can cause a memory overload and program crash which enables a hacker to attack the affected system.

Users can protect themselves from the first vulnerability by disabling support for Java applets within OpenOffice. There are no workarounds for the macro and buffer overflow vulnerabilities.

Although OpenOffice claims there are currently no known exploits for the vulnerabilities, it has urged all users of 2.0.x prior to 2.0.2 to upgrade to OpenOffice.org 2.0.3.

Patches for users of OpenOffice.org 1.1.5 are not available at the moment but will be "shortly", according to OpenOffice.

The vulnerabilities also affect StarOffice 6.x, 7.x, and 8.x. and StarSuite 7.x and 8.x, according to security company Secunia. StarOffice and StarSuite are Sun's commercial office software offerings, based on the same code as the OpenOffice suite. Patches are available for StarOffice and StarSuite versions 7.x and 8.x.

OpenOffice.org admitted on Tuesday its suite could become more of a target for hackers as it grows in popularity but claimed its structure enabled it to react faster to threats than proprietary software vendors such as Microsoft.

Cristian Driga, OpenOffice.org marketing project co-lead, said: "I believe any software, as it becomes more popular, could be more of a target for hackers.

"But it depends how quickly organisations react. With the open community, we have so many users who report any problem discovered, and our developers react very quickly. We have a faster patch time than Microsoft. OpenOffice also has a lot of different, active language communities, always ready to react."

Driga denied the disclosure of the vulnerabilities would damage OpenOffice's reputation.

He said: "We have a security team that takes care of vulnerabilities 24 hours a day, and the open source community too. Our speed of response would prevent a decrease in popularity."

Tom Espiner writes for ZDNet UK