9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.534 Medium
EPSS
Percentile
97.3%
OpenOffice.org is an office productivity suite that includes desktop
applications such as a word processor, spreadsheet, presentation manager,
formula editor, and drawing program.
John Heasman discovered a stack overflow in the StarCalc parser in
OpenOffice. An attacker could create a carefully crafted StarCalc file
that could cause OpenOffice.org to crash or possibly execute arbitrary code
if the file was opened by a victim. (CVE-2007-0238)
Flaws were discovered in the way OpenOffice.org handled hyperlinks. An
attacker could create an OpenOffice.org document which could run commands
if a victim opened the file and clicked on a malicious hyperlink.
(CVE-2007-0239)
All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported fix to correct this issue.