exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2009-0200

Status Candidate

Overview

Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.

Related Files

Gentoo Linux Security Advisory 201408-19
Posted Sep 2, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-19 - Multiple vulnerabilities have been found in OpenOffice and LibreOffice, the worst of which may result in execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2006-4339, CVE-2009-0200, CVE-2009-0201, CVE-2009-0217, CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302, CVE-2010-0395, CVE-2010-2935, CVE-2010-2936, CVE-2010-3450, CVE-2010-3451, CVE-2010-3452, CVE-2010-3453, CVE-2010-3454, CVE-2010-3689, CVE-2010-4253, CVE-2010-4643, CVE-2011-2713, CVE-2012-0037, CVE-2012-1149, CVE-2012-2149, CVE-2012-2334, CVE-2012-2665, CVE-2014-0247
MD5 | 00fe09fc4176420a784af14d82db5734
Mandriva Linux Security Advisory 2010-105
Posted May 22, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-105 - This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes for integer and heap-based buffer overflows.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139, CVE-2009-2140, CVE-2009-3736
MD5 | 3fecb8404765ae73d1372db20104948e
Mandriva Linux Security Advisory 2010-091
Posted May 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-091 - This update provides a new OpenOffice.org version 3.1.1. An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing. A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file. Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file. OpenOffice's xmlsec uses a bundled Libtool which might load.la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.

tags | advisory, remote, overflow, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139, CVE-2009-2140, CVE-2009-3736
MD5 | bfbffa42ccc8de8ca867526115f1eca4
Mandriva Linux Security Advisory 2010-056
Posted Mar 6, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-056 - This update provides the OpenOffice.org 3.0 major version and holds multiple security updates relating to integer and heap buffer overflows.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2140, CVE-2009-3736
MD5 | 9563a13d89363c67fc3cf254ed129006
Mandriva Linux Security Advisory 2010-035
Posted Feb 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-035 - This updates provides a new OpenOffice.org version 3.1.1. It provides various security and bug fixes.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139, CVE-2009-2140, CVE-2009-3736
MD5 | b127bf188e632aa85a5b2e8e8beb0c62
Ubuntu Security Notice 840-1
Posted Oct 2, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 840-1 - Dyon Balding discovered flaws in the way OpenOffice.org handled tables. If a user were tricked into opening a specially crafted Word document, a remote attacker might be able to execute arbitrary code with user privileges. A memory overflow flaw was discovered in OpenOffice.org's handling of EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139
MD5 | d2df3256c15f9a93352fc0b5067422db
Debian Linux Security Advisory 1880-1
Posted Sep 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1880-1 - Several vulnerabilities have been discovered in the OpenOffice.org office suite.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139
MD5 | 7135f915168762d85f9c485d7ca01bd6
OpenOffice.org Word Document Table Parsing Integer Underflow
Posted Sep 2, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in OpenOffice.org, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer underflow error when parsing certain records in the document table. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. OpenOffice 3.1 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-0200
MD5 | 4e3cb6699b801d36e8b792dd83af7404
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close