Computer Security
[EN] securityvulns.ru no-pyccku


Multiple OpenOffice security vulnerabilities
updated since 29.03.2007
Published:05.04.2007
Source:
SecurityVulns ID:7501
Type:client
Threat Level:
6/10
Description:Shell characters problem on document open, code execution.
Affected:OPENOFFICE : OpenOffice 1.1
 OPENOFFICE : OpenOffice 2.0
 OPENOFFICE : OpenOffice 2.1
CVE:CVE-2007-0239 (OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.)
 CVE-2007-0238 (Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note.)
Original documentdocumentNGSSoftware Insight Security Research Advisory (NISR), High Risk Vulnerability in OpenOffice (05.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod