Two weeks after the OpenOffice.org team shipped patches for code execution flaws in office suite, Sun Micrososystems has followed up with a high-priority update for StarOffice, which is based on the open-source code.
Sun's patch, available for Windows, Linux and Solaris, address highly-critical vulnerabilities that could expose users to arbitrary code execution attacks via specially crafted image files.
As previously reported, the vulnerabilities could be exploited via manipulated WMF and EMF files in StarOffice or StarSuite documents.
OpenOffice.org described the bugs as file-handling heap overflows. Patches are available in OpenOffice 2.4.2.