Lucene search

PRIOn knowledge basePRION:CVE-2007-5746

HistoryApr 17, 2008 - 7:05 p.m.

Integer overflow

2008-04-1719:05:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.219 Low

EPSS

Percentile

96.3%

JSON

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

CPENameOperatorVersion
openoffice.orgeq2.3.1
openoffice.orgeq2.2.1
openoffice.orgeq2.1
openoffice.orgeq2.2
openoffice.orgeq2.3
openoffice.orgeq2.0.3

Name	Operator	Version
openoffice.org	eq	2.3.1
openoffice.org	eq	2.2.1
openoffice.org	eq	2.1
openoffice.org	eq	2.2
openoffice.org	eq	2.3
openoffice.org	eq	2.0.3

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=692

secunia.com/advisories/29844

secunia.com/advisories/29852

secunia.com/advisories/29864

secunia.com/advisories/29871

secunia.com/advisories/29910

secunia.com/advisories/29913

secunia.com/advisories/29987

secunia.com/advisories/30100

secunia.com/advisories/30179

security.gentoo.org/glsa/glsa-200805-16.xml

sunsolve.sun.com/search/document.do?assetkey=1-66-231661-1

www.debian.org/security/2008/dsa-1547

www.mandriva.com/security/advisories?name=MDVSA-2008:090

www.mandriva.com/security/advisories?name=MDVSA-2008:095

www.novell.com/linux/security/advisories/2008_23_openoffice.html

www.openoffice.org/security/bulletin.html

www.openoffice.org/security/cves/CVE-2007-4770.html

www.openoffice.org/security/cves/CVE-2007-5745.html

www.openoffice.org/security/cves/CVE-2007-5746.html

www.redhat.com/support/errata/RHSA-2008-0175.html

www.redhat.com/support/errata/RHSA-2008-0176.html

www.securityfocus.com/bid/28819

www.securitytracker.com/id?1019892

www.ubuntu.com/usn/usn-609-1

www.vupen.com/english/advisories/2008/1253/references

www.vupen.com/english/advisories/2008/1375/references

exchange.xforce.ibmcloud.com/vulnerabilities/41861

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10249

www.redhat.com/archives/fedora-package-announce/2008-April/msg00448.html

8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.219 Low

EPSS

Percentile

96.3%

JSON

Related for PRION:CVE-2007-5746