
KOffice PowerPoint Files Integer Overflow Vulnerability

I could have sworn I posted this yesterday. Ah well, apparently I didn’t. For our Linux brethren here is a vulnerability alert that pertains to KOffice and its handling of PowerPoint files. This is highly critical as it can be exploited by a remote user. You should upgrade in short order.

From Secunia:

Description:
A vulnerability has been reported in KOffice, which can be exploited by malicious people to potentially compromise a user’s system.

The vulnerability is caused due to an integer overflow within the “KLaola::readBigBlockDepot()” method in filters/olefilters/lib/klaola.cc. This can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted PowerPoint (*.ppt) file.

Successful exploitation may allow the execution of arbitrary code.

Solution:
Update to KOffice 1.6.1.
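
One common shape of the bug class the advisory names, as an added C example that is not KOffice's code and not part of the original post: a count read from the file is multiplied in 32-bit arithmetic, so a buffer sized from the result is far smaller than the count implies. The function names, the 0x200 block size and the 0x2c header offset are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define BIG_BLOCK_SIZE 0x200u   /* assumed 512-byte block size */
#define DEPOT_COUNT_OFF 0x2cu   /* hypothetical header offset of the block count */

/* Read a little-endian 32-bit field from untrusted file bytes. */
static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Bug class: 32-bit multiply on a file-supplied count wraps silently. */
uint32_t depot_size_unchecked(uint32_t num_blocks)
{
    return num_blocks * BIG_BLOCK_SIZE;
}

/* Hardened: a depot cannot exceed the file holding it. Dividing instead of
 * multiplying keeps the bound check itself free of overflow. */
int depot_size_checked(uint32_t num_blocks, size_t file_len, size_t *out)
{
    if (num_blocks == 0 || num_blocks > file_len / BIG_BLOCK_SIZE)
        return -1;
    *out = (size_t)num_blocks * BIG_BLOCK_SIZE;
    return 0;
}

/* Allocate the depot buffer only after the count has been validated. */
unsigned char *alloc_depot(const unsigned char *file, size_t file_len, size_t *out_len)
{
    if (file_len < DEPOT_COUNT_OFF + 4)
        return NULL;
    if (depot_size_checked(read_le32(file + DEPOT_COUNT_OFF), file_len, out_len) != 0)
        return NULL;
    return calloc(1, *out_len);
}

int main(void)
{
    /* Constructed count: 0x00800001 * 0x200 = 0x100000200, truncated to 0x200. */
    uint32_t count = 0x00800001u;
    size_t need = 0;
    printf("unchecked size: 0x%x\n", (unsigned)depot_size_unchecked(count));
    printf("checked result: %d\n", depot_size_checked(count, 4096, &need));
    return 0;
}
```

The checked path rejects the file before any allocation happens, which is the property to look for when reviewing parsers that size buffers from header fields.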
