OpenOffice.org Word Documents Parsing Buffer Overflow Vulnerability (Linux) Network Vulnerability

Summary

The host has OpenOffice installed and is prone to Buffer Overflow vulnerability.

Impact

Successful remote exploitation could result in arbitrary code execution on the affected system which leads to application crash and compromise a vulnerable system. Impact Level: System/Application

Solution

Upgrade to OpenOffice Version 3.1.1 or later For updates refer to http://www.openoffice.org/

Insight

- An integer underflow error occurs when parsing certain records in a Word document table. - An heap overflow error occurs when parsing certain records in a Word document when opening a malicious Word document.

Affected

OpenOffice Version prior to 3.1.1 on Linux.

References

http://secunia.com/secunia_research/2009-27/
http://www.vupen.com/english/advisories/2009/2490

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0200, CVE-2009-0201
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
A-V Tronics InetServ POP3 Denial Of Service Vulnerability
Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
ClamAV 'find_stream_bounds()' function Buffer Overflow Vulnerability
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities