New version of fixes critical bug

June 11, 2008 fixes a memory problem in its open source office suite that could allow hackers to execute arbitrary commands on the system has issued a patch for a security vulnerability affecting several versions of its open-source office suite.

The latest version, 2.4.1, is available for download on the organization's Web site.

The vulnerability is a memory problem called a heap overflow, said in an advisory. It can be exploited if an attacker sends someone an document that can take advantage of the flaw, which would then allow the hacker "to execute arbitrary commands on the system with the privileges of the user running"

[ How does stack up against Office 2007? Read our related story. ]

So far, no working exploit has been reported, the organization said. The flaw affects version 2.0 through 2.4.

The upgrade also includes several other fixes and new features, which are listed at, which is supported in part by Sun Microsystems, competes with Microsoft's Office productivity suite.'s next major release, 3.0, is scheduled for September.