KDE Security Advisory - The OLE import filter, which is used in KPresenter to open Microsoft Powerpoint files is vulnerable to an integer overflow problem that can be exploited to expose an heap memory overflow. This issue was reported by Kees Cook from Ubuntu security. KOffice versions 1.4.x and 1.6.0 are affected.
5e616116d126762e0386e401b5ffeb2270a95ffca025fe458d9dd87fc7b1f07b
KOffice Security Advisory: KOffice olefilters integer overflow
Original Release Date: 2006-12-04
URL: http://www.kde.org/info/security/advisory-20061204-1.txt
0. References
CVE-2006-6120
1. Systems affected:
KOffice 1.4.x and 1.6.0. 1.5.x releases are unaffected as well
as 1.6.1 or newer.
2. Overview:
The OLE import filter, which is used in KPresenter to open Microsoft
Powerpoint files is vulnerable to an integer overflow problem that
can be exploited to expose an heap memory overflow. This
issue was reported by Kees Cook from Ubuntu security.
3. Impact:
A maliciously crafted file can cause to execute arbitrary code.
4. Solution:
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
fo information about how to obtain updated binary packages.
5. Patch:
A patch for KOffice 1.4.0 - KOffice 1.6.0 is available from
ftp://ftp.kde.org/pub/kde/security_patches :
20dff20ccd2e184f1874aa60d85f4380 post-koffice-1.6.0.diff
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed