Full title: Apache OpenOffice 1.0 Windows Installer Trojan Execution Vulnerability 
Category: local exploits
Platform: windows
The Apache OpenOffice installer for Windows contained a defective operation that could trigger execution of unwanted software installed by a Trojan Horse application. The installer defect is known as an unquoted Windows search path vulnerability. In the case of Apache OpenOffice installers for Windows, the PC must have previously been infected by a Trojan Horse application (or user) running with administrator privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. The exploit may already have operated on the user's PC.

# 0day.today @ http://0day.today/