Issue 48073

Summary: missing security check before running executables bound to OOo graphic objects
Product: Impress Reporter: flibby05
Component: uiAssignee: AOO issues mailing list <issues>
Status: CONFIRMED --- QA Contact:
Severity: Trivial    
Priority: P3 CC: issues
Version: 680m96   
Target Milestone: ---   
Hardware: All   
OS: All   
Issue Type: FEATURE Latest Confirmation in: ---
Developer Difficulty: ---

Description flibby05 2005-04-24 19:24:56 UTC
hi, i am still with m90, but assume the issue is also existent with the most
recent devel build:

By design it is possible to assign executables to graphic objects in the
presentation and drawing component. When comparing to f.e. the macro security
concept absolutely no security checks are made.

I see this as problematic, but did not yet tinker too much of creating a
proof-of-concept-"exploit".
Comment 1 wolframgarten 2005-04-25 10:17:00 UTC
Changed to feature.
Comment 2 ace_dent 2008-05-16 00:53:52 UTC
OpenOffice.org Issue Tracker - Feedback Request.

The Issue you raised is currently assigned to 'Requirements' pending review, but
has not been updated within the last 3 years. Please consider re-testing with
one of the latest versions of OOo, as the problem(s) may have already been
addressed. Either use the recent stable version:
http://download.openoffice.org/index.html
or consider trying the new OOo 3 BETA (still in testing):
http://download.openoffice.org/3.0beta/
 
Please report back the outcome so this Issue may be Closed or Progressed as
necessary - otherwise it may be Resolved as Invalid in the future. You may also
wish to search for (and note) any duplicates of this Issue that may have
advanced further by checking the Issue Tracker:
http://www.openoffice.org/issues/query.cgi
 
Many thanks,
Andrew
 
Cleaning-up and Closing old Issues as part of:
~ The Grand Bug Squash, pre v3 ~
http://marketing.openoffice.org/3.0/announcementbeta.html