To comment on the following update, log in, then open the issue:
http://www.openoffice.org/issues/show_bug.cgi?id=43774
Issue #:|43774
Summary:|Security: No macro security check in Writer/Web with
|embedded scripts in HTML pages
Component:|framework
Version:|OOo 2.0
Platform:|All
URL:|
OS/Version:|All
Status:|NEW
Status whiteboard:|
Keywords:|
Resolution:|
Issue type:|DEFECT
Priority:|P2
Subcomponent:|code
Assigned to:|os
Reported by:|jsk
------- Additional comments from [EMAIL PROTECTED] Tue Mar 1 00:29:54 -0800
2005 -------
Apparently there is no security checking at all.
Sample:
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY SDONLOAD="standard.browser.main">
<SCRIPT LANGUAGE="StarBasic">
<!--
' $LIBRARY: Standard
' $MODULE: Browser
Sub main
MsgBox("StarScript hat Vollzugriff!",64,"ACHTUNG")
End Sub
' -->
</SCRIPT>
</BODY>
</HTML>
Confirmed by: US, JSK
JSK->OS: I suspect the security mechanism isn't called at all so i have
difficulties to pinpoint the right owner for this issue. Please redistribute.
---------------------------------------------------------------------
Please do not reply to this automatically generated notification from
Issue Tracker. Please log onto the website and enter your comments.
http://qa.openoffice.org/issue_handling/project_issues.html#notification
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
