Sun plugs holes in StarOffice

Two weeks after the OpenOffice.org team shipped patches for code execution flaws in office suite, Sun Micrososystems has followed up with a high-priority update for StarOffice, which is based on the open-source code.

Sun plugs holes in StarOffice

Two weeks after the OpenOffice.org team shipped patches for code execution flaws in office suite, Sun Micrososystems has followed up with a high-priority update for StarOffice, which is based on the open-source code.

Sun's patch, available for Windows, Linux and Solaris, address highly-critical vulnerabilities that could expose users to arbitrary code execution attacks via specially crafted image files.

[ SEE: Code execution flaws haunt OpenOffice ]

As previously reported, the vulnerabilities could be exploited via manipulated WMF and EMF files in StarOffice or StarSuite documents.

OpenOffice.org described the bugs as file-handling heap overflows.   Patches are available in OpenOffice 2.4.2.