About Us | Contact Us

 


 

VUPEN Free Resources
 
  VUPEN Security Advisories
 
  VUPEN Security Blog & News
  Zero-day Attacks Monitor
  Daily Security Mailinglist
  Explanation of Terms
  Advanced Search Engine
 
   

OpenOffice.org Data Processing Multiple Code Execution Vulnerabilities

VUPEN ID VUPEN/ADV-2010-0366
CVE ID CVE-2006-4339 - CVE-2009-0217 - CVE-2009-2493 - CVE-2009-2949 - CVE-2009-2950 - CVE-2009-3301 - CVE-2009-3302
 
CWE ID Available in VUPEN VNS Customer Area
CVSS V2 Available in VUPEN VNS Customer Area
Rated as Critical 
Impact Available in VUPEN VNS Customer Area
Authentication Level Available in VUPEN VNS Customer Area
Access Vector Available in VUPEN VNS Customer Area
Release Date 2010-02-15
Share Twitter LinkedIn Facebook Delicious Digg Slashdot

Technical Description

Multiple vulnerabilities have been identified in OpenOffice.org, which could be exploited by attackers to compromise a vulnerable system.

The first issue is caused by a heap overflow error when processing malformed records in a Word document, which could be exploited by attackers to execute arbitrary code.

The second vulnerability is caused by a heap overflow error when processing malformed records in a Word document, which could be exploited by attackers to compromise a vulnerable system.

The third issue is caused by a buffer overflow error when parsing GIF data, which could be exploited by attackers to execute arbitrary code.

The fourth vulnerability is caused by an integer overflow error when processing XPM data, which could be exploited by attackers to execute arbitrary code.

The fifth issue is caused by an error in the Windows version of the application which is includes a vulnerable version of the MSVC Runtime. For additional information, see : VUPEN/ADV-2009-2034

The sixth vulnerability is caused by an error in libxmlsec. For additional information, see : VUPEN/ADV-2009-1911

The seventh issue is caused by an error in libxml2. For additional information, see : VUPEN/ADV-2006-3453

Affected Products

OpenOffice.org versions prior to 3.2

Solution 

Upgrade to OpenOffice.org version 3.2 :
http://download.openoffice.org/index.html

References

http://www.vupen.com/english/advisories/2010/0366
http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html
http://www.openoffice.org/security/cves/CVE-2009-2950.html
http://www.openoffice.org/security/cves/CVE-2009-2949.html
http://www.openoffice.org/security/cves/CVE-2009-2493.html
http://www.openoffice.org/security/cves/CVE-2009-0217.html
http://www.openoffice.org/security/cves/CVE-2006-4339.html

In-depth Binary Analysis 

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 
Private Exploit or PoC 

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 
Credits 

Vulnerabilities reported by Nicolas Joly (VUPEN Security) and Frank ReiBner and Sebastian Apelt (siberas).

Changelog 

2010-02-15 : Initial release
2010-02-17 : Updated Description

Feedback 

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Monthly Statistics 

 

 VUPEN Security Advisories By Criticality: Sep 2010


  Critical Risk

 : 18%

  High Risk		 : 5%

  Moderate Risk		 : 46%

  Low Risk		 : 31%

Get a real-time view of the vulnerabilities affecting your systems using the VUPEN VNS reporting capabilities.
 
 

Try VUPEN VNS 

 

 





© 2004-2010 VUPEN Security - Copyright - Privacy Policy