OpenOffice.org has issued a patch for a security vulnerability affecting several versions of its open-source office suite.

The latest version, 2.4.1, is available for download on the organization's Web site.

The vulnerability is a memory problem called a heap overflow, OpenOffice.org said in an advisory. It can be exploited if an attacker sends someone an OpenOffice.org document that can take advantage of the flaw, which would then allow the hacker "to execute arbitrary commands on the system with the privileges of the user running OpenOffice.org."

So far, no working exploit has been reported, the organization said. The flaw affects Version 2.0 through 2.4.

The upgrade also includes several other fixes and new features, which are listed at OpenOffice.org.

OpenOffice.org, which is supported in part by Sun, competes with Microsoft's Office productivity suite. OpenOffice.org's next major release, 3.0, is scheduled for September.

The IDG News Service is a Network World affiliate.

Whitepapers

• Advancing the Economics of Networking
• Enterprise Data Center Network Reference Architecture
• Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch Offices
• File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
• Boost Productivity While Cutting Costs with Next-generation Collaboration
• Deploying Virtualized NetWare on Linux Whitepaper

View more SECURITY whitepapers

Webcasts

• PoE Plus: Impact on the PoE Market
• Creating a high performance workplace with wireless networking
• Harnessing the power of communications to increase workplace performance
• Making data centers the IT strategic focus
• Protecting assets and employees with IP Video Surveillance
• Stay out of the headlines: Detecting and preventing network intrusions

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• IP address management in 2008 - six things to know
• The self-managed network

View more SECURITY special reports