Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

OpenOffice Multiple Remote Code Execution Vulnerabilities - Feb10

Information

Severity

Severity

Critical

Family

Family

Buffer overflow

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

3 years ago

Summary

This host has OpenOffice running which is prone to multiple remote code execution vulnerabilities.

Insight

Insight

- GIF Files in GIFLZWDecompressor:: GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx leading to heap overflow. - XPM files in XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx leading to an integer overflow. - Microsoft Word document in filter/ww8/ww8par2.cxx leading to application crash or execute arbitrary code via crafted sprmTSetBrc table property in a Word document.

Affected Software

Affected Software

OpenOffice.org versions prior to 3.2

Solution

Solution

Upgrade to OpenOffice.org version 3.2 or later.

Common Vulnerabilities and Exposures (CVE)