9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.377 Low
EPSS
Percentile
96.7%
Several vulnerabilities have been discovered in the OpenOffice.org
office suite. The Common Vulnerabilities and Exposures project
identifies the following problems:
When reading a Microsoft Word document, a bug in the parser of
sprmTDelete records can result in an integer underflow that may
lead to heap-based buffer overflows.
Successful exploitation may allow arbitrary code execution in the
context of the OpenOffice.org process.
When reading a Microsoft Word document, a bug in the parser of
sprmTDelete records can result in heap-based buffer overflows.
Successful exploitation may allow arbitrary code execution in the
context of the OpenOffice.org process.
This vulnerability does not exist in the packages for oldstable,
testing and unstable.
For the old stable distribution (etch) these problems have been fixed in
version 2.0.4.dfsg.2-7etch7.
For the stable distribution (lenny) these problems have been fixed in
version 2.4.1+dfsg-1+lenny3 and higher.
For the unstable (sid) and testing (squeeze) distribution these
problems have been fixed in version 3.1.1~ooo310m15-1.
We recommend that you upgrade your Openoffice.org package.