Please Install the Updated Packages.

Multiple vulnerabilities was discovered and corrected in the OpenOffice.org: Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow (CVE-2009-2949). Heap-based buffer overflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression (CVE-2009-2950). Integer underflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document (CVE-2009-3301). boundary error flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document (CVE-2009-3302). Lack of properly enforcing Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document (CVE-2010-0136). User-assisted remote attackers are able to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed (CVE-2010-0395). Impress module does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an integer truncation error (CVE-2010-2935). Integer overflow in the Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow (CVE-2010-2936). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&amp products_id=490 This update provides OpenOffice.org packages have been patched to correct these issues and additional dependent packages.

openoffice.org on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64