On Fri, Jan 9, 2009 at 7:47 AM, Gordon <[email protected]> wrote: > Mark Knecht wrote: >> >> On Fri, Jan 9, 2009 at 6:17 AM, M Henri Day <[email protected]> wrote: >>> >>> 2009/1/9 Gordon <[email protected]> >>> >>>> I have version 3 installed. >>>> Kaspersky shows this vulnerability: >>>> http://www.viruslist.com/en/advisories/30599 >>>> The solution is to upgrade to 2.4.1!!! >>>> Does V 3 not fix this vulnerability? >>> >>> The version for which the vulnerability ( an «OpenOffice >>> "rtl_allocateMemory()" Integer Overflow Vulnerability») was reported (on >>> 10 >>> June 2008) is, according to the above link «OpenOffice.org 2.x». I >>> understand this to have been fixed not only in 2.4.1 but also in 3.x >>> versions, but it would indeed be pleasant to receive a confirmation.... >>> >>> Henri >>> >> >> Kaspersky is a pretty responsive company, at least through their user >> forums. Someone might want to post a question about this there. >> Probably would have an answer in a few hours. > > Have done so - we'll see what responses there are. >
I see that there was a reasonable response within 15 minute of the original posting. Has anyone tried it? <QUOTE> I have Open Office 3 indtalled on Vista Home Premium SP1. Kaspersky tells me that this vulnerability: http://www.viruslist.com/en/advisories/30599 exists. The solution, according to that page, is to upgrade to version 2.4.1!!!!! I have version THREE! Is this a false postitive with Kaspersky, or is there some other fault somewhere? </QUOTE> Response was: <QUOTE> Someone in the russian section as suggested this a fix: - disable KIS/KAV self-defense - delete files vlns* in \Bases folder - enable self-defense - update KIS/KAV bases </QUOTE> - Mark
