Sun Alert 243226 Security Vulnerability in StarOffice/StarSuite Related to EMF Files May Lead to Heap Overflows and Arbitrary Code Execution
By security on Jul 16, 2009
A security vulnerability with the way StarOffice/StarSuite 7 and 8 process EMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.
This issue is described in the following document:
CVE-2008-2238 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2238
Sun acknowledges with thanks, an anonymous researcher working with the iDefense VCP (http://labs.idefense.com/vcp/) for bringing this issue to our attention.