Computer Security
[EN] securityvulns.ru no-pyccku


OpenOffice integer overflows
Published:31.08.2010
Source:
SecurityVulns ID:11107
Type:remote
Threat Level:
5/10
Description:Integer overflows in Impress.
Affected:OPENOFFICE : OpenOffice 3.2
CVE:CVE-2010-2936 (Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 3.2.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.)
 CVE-2010-2935 (simpress.bin in the Impress module in OpenOffice.org (OOo) 3.2.1 on Windows does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error.")
Original documentdocumentDEBIAN, [SECURITY] [DSA 2099-1] New OpenOffice.org packages fix arbitrary code execution (31.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod