--- Ian Lynch <[EMAIL PROTECTED]> wrote: > They can if your system security lets them. If OOo has a bug that lets > Macros run without informing the user that is definitely a vulnerability > and nothing to do with the OS. However usually such things will get > fixed pretty quickly and wel before they become a practical risk.
I'm not sure where the OS entered into it... It doesn't matter as in most cases the just attack wants to run code on your machine. Which is not much different in Linux vs Solaris vs BSD vs Windows if the application is "co-operating". Ian, you have actually read this document - http://www.openoffice.org/security/CVE-2006-2198.html - right? And are aware of the curl overrun problem and how that could be exploited? Want to give an estimate of the number of installation that are still vulnerable to those bugs? And how long will it take for you yourself to upgrade after the next vulnerability is discovered? One rarely talks of "theoretical" attacks without having done some proof of concept experiments. > Ian > -- > www.theINGOTS.org > www.schoolforge.org.uk > www.opendocumentfellowship.org > Sander .sigless ___________________________________________________________ Inbox full of spam? Get leading spam protection and 1GB storage with All New Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
