I would suggest that since this exploit seems to be a buffer overflow within repair file routines it is due to dodgy M$ code within Excel.
Since OOo has its own way of repairing files, and its own code, I do not think that OOo-calc would be effected. The true way would be of course to test it... /paul On 6/23/06, NoOp <[EMAIL PROTECTED]> wrote:
Does anyone know if the current Microsoft Excel Repair Mode Code Execution Vulnerability[1] that was reported last week can be exploited if the spreadsheet is opened in OOoCalc? Currently I've managed to remove MS Office from all of my customers machines except 2, and replace them with OOo. For the two that still have MS Office I've patched per the MS instructions, and issued a security warning that until further notice Excel files are to opened _only_ using OOoCalc. However, I'd like to make sure that this action (opening in OOo) is safe as well. [1] Refs: http://secunia.com/advisories/20686/ http://www.microsoft.com/technet/security/advisory/921365.mspx --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
