[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#304412: CAN-2005-0941: "OpenOffice DOC document Heap Overflow"



Package: openoffice.org
Version: 1.1.3-8
Severity: grave
Justification: user security hole
Tags: sarge sid experimental pending

from full-disclosure (http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0218.html):

OpenOffice DOC document Heap Overflow
[Security Advisory]

Advisory:[AD_LAB-05001] OpenOffice DOC document Heap Overflow
Class: Design Error
DATE:30/3/2005
CVEID:CAN-2005-0941
Vulnerable:
    <=OpenOffice OpenOffice 1.1.4
    -OpenOffice OpenOffice 2.0dev

Unvulnerable:
    Unknow
Vendor:
     www.openoffice.org

I.DESCRIPTION:
- -------------
     OpenOffice.org is an office productivity suite, including word
processing, spreadsheets, presentations, drawings, data charting,
formula editing, and file conversion facilities.
The vulnerability is caused due to a error within the .Doc document header
processing.This can be exploited to cause a heap-based buffer overflow. 
[...]

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (400, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)

Versions of packages openoffice.org depends on:
ii  dictionaries-common [openoffi 0.25.4     Common utilities for spelling dict
ii  openoffice.org-bin            1.1.3-8    OpenOffice.org office suite binary
ii  openoffice.org-debian-files   1.1.3-8+1  Debian specific parts of OpenOffic
ii  openoffice.org-l10n-de [openo 1.1.3-8    German language package for OpenOf
ii  openoffice.org-l10n-en [openo 1.1.3-8    English (US) language package for 
ii  ttf-opensymbol                1.1.3-8    The OpenSymbol TrueType font
ii  xml-core                      0.09       XML infrastructure and XML catalog

-- no debconf information

Attachment: signature.asc
Description: Digital signature


Reply to: