 |
|
|
|
OpenOffice multiple security vulnerabilities
updated since 02.09.2009 | | Published: |  | 07.09.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 10195 | | Type: |  | local | | Level: |  | 6/10 | | Description: |  | Buffer overflow and integer overflow on Microsoft Word and EMF documents parsing, vulnerable version in included VCRedist_x86. |
| Affected: |  | OPENOFFICE : OpenOffice 3.1 | | CVE: |  | CVE-2009-2139 (Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238.) | | | | CVE-2009-0201 (Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing.") | | | | CVE-2009-0200 (Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.) |
|
|
|
|
|
|
|
|
