Zero Day

Ryan Naraine and Dancho Danchev

Get Zero Day via:: Mobile; RSS; Email Alerts
Bios:: Ryan’s Bio; Dancho’s Bio

September 18th, 2009

Sun patches 'critical' StarOffice/StarSuite flaw

Posted by Ryan Naraine @ 12:30 pm

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Open source, Patch Watch

Tags: Sun Microsystems Inc., Flaw, Patch Management, Microsoft Word, Word Processors, Microsoft Office, Security, Office Suites, Software, Ryan Naraine

Sun Microsystems has shipped a fix for a critical vulnerability affecting its StarOffice/StarSuite product lines.

The flaw, which exposes users to code execution attacks, affect StarOffice/StarSuite 7 StarOffice/StarSuite 8 StarOffice/StarSuite 9.

Here’s the Skinny from Sun’s advisory:

A security vulnerability in StarOffice/StarSuite, related to Microsoft Word document handling, may allow a remote unprivileged user to execute arbitrary code on the system with the privileges of a local user running StarOffice/StarSuite, if the local user opens a crafted Microsoft Word document provided by the remote user.

Dyon Balding of Secunia Research is credited for finding and reporting the issue to Sun.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Talkback
Most Recent of 7 Talkback(s)

Thread View
Flat View

RE: Sun patches 'critical' StarOffice/StarSuite flaw: Question to StarOffice/StarSuite users. I product manage a security product for Windows computers called AppGuard. It occurs to me that our QA staff probably hasn't tested explicitly for any problem... (Read the rest); Posted by: eiverson@... Posted on: 09/21/09 You are currently: a Guest | Log in | Terms of Use

Sun patches Openoffice.org with 3.1.1 21_years_IT | 09/18/09

Open_Office is FREE Christian_<>< | 09/18/09

So, Linux invulnerable to this? honeymonster | 09/19/09

Depends... privatejarhead | 09/19/09

Yup, depends on exploit. Fail on root/Linux honeymonster | 09/19/09

RE:Yup, depends on exploit. Fail on root/Linux richdave | 09/21/09

RE: Sun patches 'critical' StarOffice/StarSuite flaw eiverson@... | 09/21/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Finally, an easier way for Small and Mid-Sized Companies to Run Their Business Applications: IBM Smart Business IBM From the PC to the Internet to every piece of hardware and software in ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now

Blogs From Our Sponsors

Top Rated

Facebook password-reset spam is Bredolab botnet attack+46 votes
Thousands of web sites compromised, redirect to scareware+43 votes
Microsoft confirms 'detailed' Windows 7 exploit+43 votes
Firefox hit by multiple drive-by download flaws+41 votes
Which antivirus is best at removing malware?+39 votes
iHacked: jailbroken iPhones compromised, $5 ransom demanded+32 votes
New LoroBot ransomware encrypts files, demands $100 for decryption+28 votes
Mac OS X mega patch covers 58 security vulnerabilities+26 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Zero Day

Ryan Naraine and Dancho Danchev

September 18th, 2009

Sun patches 'critical' StarOffice/StarSuite flaw

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Zero Day

Ryan Naraine and Dancho Danchev

September 18th, 2009

Sun patches 'critical' StarOffice/StarSuite flaw

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads