Denial-of-service with OpenOffice.org
A denial-of-service attack against the OpenOffice.org office suite (when it is running with remote access enabled) has been reported. In the report, the attacker connects to a port that OpenOffice.org opens when it is started with the command line soffice "-accept=socket, host=<ip>, port=8100;" and sends to the port a series of characters. Reportedly, after receiving the series of characters, OpenOffice.org then crashes and opens its error report dialog window.
OpenOffice.org has a security flaw, which means that it can be crashed remotely. It can affect all versions, including the new 1.1 release.TrackBack from OpenOffice.org Security Flaw at October 21, 2003 10:28 AM | Permalink