Mandriva Linux Security Advisory 2010-221 - OpenOffice.org software suffers from multiple issues. Multiple vulnerabilities was discovered and corrected in the Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow. Heap-based buffer overflow allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. Integer underflow allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document. Other issues have also been addressed.
bb6f46286a72a84c458eca1873c1c7efbe0c464e0a3e8b3716ddaed8dd11f869Ubuntu Security Notice 903-1 - OpenOffice suffers from multiple vulnerabilities. It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controls.
d0a5d9315dd8e403cd8b3e519b8802f52fab3266e43dcc3d765e96967c414897Debian Linux Security Advisory 1995-1 - Several vulnerabilities have been discovered in the OpenOffice.org office suite.
ed7afdbc83c23bf583d83934adf7f3db4687e64834d06c0314c0b073c09450ba
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed