Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host has OpenOffice running which is prone to multiple remote code execution vulnerabilities.
Insight
Insight
- GIF Files in GIFLZWDecompressor:: GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx leading to heap overflow. - XPM files in XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx leading to an integer overflow. - Microsoft Word document in filter/ww8/ww8par2.cxx leading to application crash or execute arbitrary code via crafted sprmTSetBrc table property in a Word document.
Affected Software
Affected Software
OpenOffice.org versions prior to 3.2
Solution
Solution
Upgrade to OpenOffice.org version 3.2 or later.