OpenOffice.org has issued a patch for a security vulnerability affecting several versions of its open-source office suite. The latest version, 2.4.1, is available for download on the organization"s Web site.
The vulnerability is a memory problem called a heap overflow, OpenOffice.org said in an advisory. It can be exploited if an attacker sends someone an OpenOffice.org document that can take advantage of the flaw, which would then allow the hacker "to execute arbitrary commands on the system with the privileges of the user running OpenOffice.org."