exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-2237

Status Candidate

Overview

Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.

Related Files

Mandriva Linux Security Advisory 2009-006
Posted Jan 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-006 - Heap-based overflow on functions to manipulate WMF and EMF files in OpenOffice.org documents enables remote attackers to execute arbitrary code on documents holding certain crafted either WMF or EMF files. ). This update provide the fix for these security issues and further openoffice.org-voikko package has been updated as it depends on openoffice.org packages.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-2237, CVE-2008-2238
SHA-256 | 764b243a216d03ac1b187c250cae6ce495eea4fbd2df074611469d3ca0e9551b
Gentoo Linux Security Advisory 200812-13
Posted Dec 12, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-13 - Multiple vulnerabilities in OpenOffice.org might allow for user-assisted execution of arbitrary code or symlink attacks. Two heap-based buffer overflows when processing WMF files and EMF files were discovered. Dmitry E. Oboukhov also reported an insecure temporary file usage within the senddoc script. Versions less than 3.0.0 are affected.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-2237, CVE-2008-2238, CVE-2008-4937
SHA-256 | 5148e74b000770dea6ce22f6704a513e020b91049da895d70a21b00c52cf536b
Ubuntu Security Notice 677-1
Posted Nov 25, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-677-1 - Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. Dmitry E. Oboukhov discovered that senddoc, as included in OpenOffice.org, created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS.

tags | advisory, remote, overflow, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2008-2237, CVE-2008-2238, CVE-2008-4937
SHA-256 | 700161a4cc709269aa2c26e7940d1df53c3fd15f82523fa629fe8eafb53dc31f
Debian Linux Security Advisory 1661-1
Posted Oct 30, 2008
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1661-1 - Several vulnerabilities have been discovered in the OpenOffice.org office suite.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2008-2237, CVE-2008-2238
SHA-256 | 1e787385480adb40244cb6a92b3bec80049192a21433483c2b7f36158cfef478
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close