CVE-2009-0217

Security Vulnerability in OpenOffice.org resulting from 3rd party library

• Synopsis: OpenOffice.org 2 and 3 might be affected by XML signature HMAC truncation authentication bypass issue in 3rd party library libxmlsec
• State: Resolved

1. Impact

OpenOffice.org 2 and 3 ship with 3rd party libraries affected by the XML signature HMAC truncation authentication bypass issue documented in CVE-2009-0217.

2. Affected releases

• All versions of OpenOffice.org 3 prior to version 3.2
• All versions of OpenOffice.org 2

3. Symptoms

There are no predictable symptoms that would indicate this issue has occurred.

4. Relief/Workaround

None.

5. Resolution

This issue is addressed in the following release: OpenOffice.org 3.2

Security Home -> Bulletin -> CVE-2009-0217