OpenOffice WMF/EMF Integer Overflow Vulnerability

[B]OpenOffice WMF/EMF Integer Overflow Vulnerability[/B]
[I][SIZE="1"]Secunia Advisory: SA23612 Release Date: 2007-01-04 [/SIZE][/I]

[B]Critical: [COLOR="Red"]Highly critical[/COLOR]
Impact:[/B] System access
[B]Where:[/B] From remote
[B]Solution Status: [COLOR="SeaGreen"]Vendor Patch[/COLOR] [/B]

[B]Software:[/B]
OpenOffice 1.0.x
OpenOffice 1.1.x
OpenOffice.org 2.x

[B]Description:[/B]
A vulnerability has been reported in OpenOffice, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to integer overflows within the processor for WMF/EMF files. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted WMF/EMF file.

Successful exploitation may allow the execution of arbitrary code.

[B]Solution:[/B] Apply fixes or update to version 2.1.
[url]http://www.openoffice.org/servlets/ReadMsg?list=releases&msgNo=10454[/url]

Provided and/or discovered by: Reported in an OpenOffice bug.
Original Advisory: [url]http://www.openoffice.org/issues/show_bug.cgi?id=70042[/url]

[URL="http://secunia.com/advisories/23612/"]secunia.com[/URL]

они что кодом Микрософта пользуются? %)