Apache OpenOffice (AOO) Bugzilla – Issue 48073
missing security check before running executables bound to OOo graphic objects
Last modified: 2013-02-07 22:34:49 UTC
hi, i am still with m90, but assume the issue is also existent with the most recent devel build: By design it is possible to assign executables to graphic objects in the presentation and drawing component. When comparing to f.e. the macro security concept absolutely no security checks are made. I see this as problematic, but did not yet tinker too much of creating a proof-of-concept-"exploit".
Changed to feature.
OpenOffice.org Issue Tracker - Feedback Request. The Issue you raised is currently assigned to 'Requirements' pending review, but has not been updated within the last 3 years. Please consider re-testing with one of the latest versions of OOo, as the problem(s) may have already been addressed. Either use the recent stable version: http://download.openoffice.org/index.html or consider trying the new OOo 3 BETA (still in testing): http://download.openoffice.org/3.0beta/ Please report back the outcome so this Issue may be Closed or Progressed as necessary - otherwise it may be Resolved as Invalid in the future. You may also wish to search for (and note) any duplicates of this Issue that may have advanced further by checking the Issue Tracker: http://www.openoffice.org/issues/query.cgi Many thanks, Andrew Cleaning-up and Closing old Issues as part of: ~ The Grand Bug Squash, pre v3 ~ http://marketing.openoffice.org/3.0/announcementbeta.html