Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. The OpenOffice.org package for Mandriva Corporate 3 missed the patch application due to a build error. This update fixes that.
cba8ef6fe369d68f51876e63cd4e84efabd1b52022f827bc2ffa123464041e03
Gentoo Linux Security Advisory GLSA 200807-05 - Sean Larsson (iDefense Labs) reported an integer overflow in the function rtl_allocateMemory() in the file sal/rtl/source/alloc_global.c. Versions less than 2.4.1 are affected.
56902be5c5e213a71bea6f352a05ba6fb8539b4595fbd903b4dd774ddbc86008
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue.
69a05877ce4c258e785661f38b80ef520fc3ed2e12a8ab6d59fbfaaf1add6306
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents would appear as Arabic characters. Another issue (#39799) is with (Tools -> Options -> OpenOffice.org Writer -> General). Even setting to centimeters on (Indent & Spacing) option it shows as characters (ch) on (Indents & Spacing) configuration on the menu: (Format -> Paragraph -> Indents & Spacing). Moreover, a document holding Notes edited on Microsoft Office would not show when opened with OpenOffice. These and a number of other OpenOffice.org issues were fixed by the new version provided in this update.
2e84c6d73a917e36aa0188a5765a22864416f5aacac8012f5275526bd414ff8b
iDefense Security Advisory 06.10.08 - Remote exploitation of an integer overflow vulnerability in OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the logged-in user. The vulnerability exists due to the rtl_allocateMemory() function rounding up allocation requests to be aligned on an 8 byte boundary without checking if this rounding results in an integer overflow condition. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4. Previous versions may also be affected.
15340a7bbc8dd9478c22d89f115c6bb4901e3af89d82ce430bfc983d69017778