790 matches found
CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...
Design/Logic Flaw
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...
CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...
CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...
CVE-2007-4510
CVE-2007-4510 affects ClamAV before 0.91.2 (as used in Kolab Server 2.0–2.2beta1 and others). The root causes are NULL pointer dereferences in cli_scanrtf (libclamav/rtf.c) and in cli_html_normalise (libclamav/htmlnorm.c) triggered by a crafted RTF file or a crafted HTML document with a data: URI...
CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...
USN-482-1: OpenOffice.org vulnerability
John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges...
Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:144)
A heap overflow flaw was found in the RTF import filter of OpenOffice.org. If a victim were to open a specially crafted RTF file, OpenOffice.org could crash or possibly execute arbitrary code. Updated packages have been patched to prevent the above issues. %NASLMINLEVEL 70300 C Tenable Network...
GLSA-200707-02 : OpenOffice.org: Two buffer overflows
The remote host is affected by the vulnerability described in GLSA-200707-02 OpenOffice.org: Two buffer overflows John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one CVE-2007-0245...
Fedora Core 5 : openoffice.org-2.0.2-5.22.2 (2007-606)
A heap overflow flaw was found in the RTF import filer. An attacker could create a carefully crafted RTF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. CVE-2007-0245 All users of OpenOffice.org are advised to upgrade to these...
OpenOffice RTF文件解析器远程堆溢出漏洞
OpenOffice是个整合性的软件,包含了许多文字处理、表格、公式等办公工具。 OpenOffice在处理带有畸形数据的RTF文档时存在漏洞,远程攻击者可能利用此漏洞控制用户机器。 在解析文件中的prtdata标签时,OpenOffice的RTF解析器基于第一个令牌分配内存,但却拷贝了第二个令牌的内容,因此如果将第一个令牌的值设置得比第二个令牌长度小的话,就可以覆盖堆数据。远程攻击者可以通过诱骗用户打开恶意RTF文件来触发这个溢出,导致执行任意指令。 OpenOffice OpenOffice 2.2.1 Debian ------...
Sun OpenOffice.org RTF Parser prtdata Tag Buffer Overflow
The remote host is running a version of Sun Microsystems OpenOffice.org that is affected by a heap-based buffer overflow in its RTF document parser that is triggered when parsing 'prtdata' tags. If a remote attacker can trick a user into opening a specially crafted RTF document, he can execute...
High risk vulnerability in OpenOffice RTF parser
John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute...
Fedora Core 6 : openoffice.org-2.0.4-5.5.23 (2007-572)
A heap overflow flaw was found in the RTF import filer. An attacker could create a carefully crafted RTF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. CVE-2007-0245 All users of OpenOffice.org are advised to upgrade to these...
Debian DSA-1307-1 : openoffice.org - heap overflow
John Heasman discovered a heap overflow in the routines of OpenOffice.org that parse RTF files. A specially crafted RTF file could cause the filter to overwrite data on the heap, which may lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
CentOS 3 / 4 / 5 : openoffice / openoffice.org (CESA-2007:0406)
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
RHEL 3 / 4 / 5 : openoffice.org (RHSA-2007:0406)
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...
OpenOffice buffer overflow
Ivalid dynamic memory allocation on RTF document prtdata tag parsing...
openoffice.org, openoffice.org2 security update
CentOS Errata and Security Advisory CESA-2007:0406 Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an...
Important: Red Hat Security Advisory: openoffice.org security update
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...