CVE-2006-3117 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-3117
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3117

Description: Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/27571 UBUNTU http://www.ubuntu.com/usn/usn-313-2 http://www.ubuntu.com/usn/usn-313-1 SUSE http://www.novell.com/linux/security/advisories/2006_40_openoffice.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1 ST 1016414 SAID Secunia Advisory: SA20975 Secunia Advisory: SA20910 Secunia Advisory: SA20913 Secunia Advisory: SA20911 Secunia Advisory: SA20893 Secunia Advisory: SA20867 Secunia Advisory: SA20995 Secunia Advisory: SA21278 Secunia Advisory: SA22129 Secunia Advisory: SA23620 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0573.html MISC http://www.ngssoftware.com/advisories/openoffice.txt MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:118 GENTOO http://security.gentoo.org/glsa/glsa-200607-12.xml FEDORA http://fedoranews.org/cms/node/2343 DEBIAN http://www.debian.org/security/2006/dsa-1104 CONFIRM http://www.openoffice.org/security/CVE-2006-3117.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447035/100/0/threaded BID 18739

Return to the previous page.