Some vulnerabilities have been reported in OpenOffice, which can be exploited by malicious people to potentially compromise a user's system.
1) Boundary errors in the parsing of "Attribute" and "Font Description" records in Quattro Pro files can be exploited to cause heap-based buffer overflows via a specially crafted Quattro Pro file with more than 256 records.
2) An integer underflow error in the parsing of Quattro Pro files can be exploited to cause a stack-based buffer overflow via a specially crafted Quattro Pro file.
3) An integer overflow error in the parsing of EMR_STRETCHBLT records in EMF files can be exploited to cause a buffer overflow via a specially crafted EMF file.
4) A boundary error in the parsing of "DocumentSummaryInformation" streams in OLE files can be exploited to cause a heap-based buffer overflow via a specially crafted OLE file.
5) Two errors in the processing of ODF text documents containing specially crafted XForms can be exploited to corrupt heap memory.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: OpenOffice Multiple Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.