CVE-2006-5870

Name of the Vulnerable Software and Affected Versions OpenOffice.org versions prior to 2.1.0 StarOffice versions 6 through 8

Description The issue is related to multiple integer overflows that allow user-assisted remote attackers to execute arbitrary code. This can be achieved via crafted WMF or EMF files that trigger heap-based buffer overflows in specific files, including wmf/winwmf.cxx during processing of META ESCAPE records, and wmf/enhwmf.cxx during processing of EMR POLYPOLYGON and EMR POLYPOLYGON16 records.

Recommendations For OpenOffice.org versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue. For StarOffice versions 6 through 8, update to a version later than 8 to resolve the issue. As a temporary workaround, consider avoiding the use of WMF and EMF files in OpenOffice.org and StarOffice until a patch is available.