OpenOffice RTF File Parsing Buffer Overflow Vulnerability

Posted on Wednesday, June 13, 2007 @ 18:39:54 UTC in Security
by Raven

SECUNIA ADVISORY ID: SA25648

VERIFY ADVISORY: http://secunia.com/advisories/25648/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
OpenOffice 1.1.x - http://secunia.com/product/302/
OpenOffice.org 2.x - http://secunia.com/product/6157/
OpenOffice 1.0.x - http://secunia.com/product/303/

DESCRIPTION: A vulnerability has been reported in OpenOffice, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the parsing of RTF files and can be exploited to cause a heap based buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code.

SOLUTION: Do not open untrusted RTF files.

PROVIDED AND/OR DISCOVERED BY: Reported in a Debian advisory crediting John Heasman.

ORIGINAL ADVISORY: http://www.us.debian.org/security/2007/dsa-1307
 
 
click Related        click Share
 
News ©

Site Info

Last SeenLast Seen
  • neralex
  • nextgen
Server TrafficServer Traffic
  • Total: 482,289,690
  • Today: 7,955
Server InfoServer Info
  • Apr 18, 2024
  • 05:18 am UTC
 
 

Site Navigation