Bug#404105: CVE-2006-6628: Integer overflow in OpenOffice.org
severity 404105 important
thanks
Am Donnerstag, 21. Dezember 2006 20:29 schrieb Stefan Fritsch:
> Package: openoffice.org
> Version: 2.0.4.dfsg.2-1
> Severity: grave
> Tags: security
> Justification: user security hole
>
>
> openoffice.org crashes when loading the exploit from [1]. There is inconclusive
> information whether this may be used to execute arbitrary code [2,3]. If this is
> a mere DoS you may of course downgrade the severity.
Doing with this. Note that we might not be affected anyway if this was exploitable
since we (sanely) use malloc/calloc/realloc/free from system (--with-alloc=system)
instead of re-implemented internal allocators (as Sun does)
Regards,
Rene
--
.''`. René Engelhard -- Debian GNU/Linux Developer
: :' : http://www.debian.org | http://people.debian.org/~rene/
`. `' rene@debian.org | GnuPG-Key ID: 248AEB73
`- Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73
Reply to: