OpenOffice ".slk" File Parsing Null Pointer Vulnerability

2010-01-19T00:00:00
ID SSV:18968
Type seebug
Reporter Root
Modified 2010-01-19T00:00:00

Description

No description provided by source.

                                        
                                            
                                                Product:
 
OpenOffice
 
Tested Vulnerable Versions:
 
3.1.1 and 3.1.0
 
Vulnerability:
 
Null Pointer
 
Description:
 
Hellcode Research discovered a null pointer vulnerability in Openoffice for
Windows.
 
Opening a malformed ".slk" file with Openoffice, causes a crash on
"soffice.bin"
 
PoC:
http://www.exploit-db.com/sploits/slk.rar
http://paper.sebug.net/2010-exploits/1001-exploits/slk.rar
Credits:
karak0rsan and murderkey from Hellcode Research
 
The Computer Cheats (TCC)
 
Urls:
 
tcc.hellcode.net
forum.hellcode.net