Lucene search
UbuntuUSN-524-1HistoryOct 04, 2007 - 12:00 a.m.
OpenOffice.org vulnerability
2007-10-0400:00:00
ubuntu.com
32
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.945 High
EPSS
Percentile
99.2%
Releases
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- openoffice.org -
- openoffice.org-amd64 -
Details
An integer overflow was discovered in the TIFF handling code in OpenOffice.
If a user were tricked into loading a malicious TIFF image, a remote attacker
could execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.04 | noarch | openoffice.org-core | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libmythes-dev | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libuno-cil | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-base | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-calc | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-dev | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-draw | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-evolution | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-filter-binfilter | < 2.2.0-1ubuntu5 | UNKNOWN |
References
Related
checkpoint_advisories
checkpoint_advisories
OpenOffice TIFF File Parsing Integer Overflow (CVE-2007-2834)
2009-10-19 00:00:00
nessus
nessus
SuSE 10 Security Update : OpenOffice (ZYPP Patch Number 4320)
2007-12-13 00:00:00
openvas
openvas
FreeBSD Ports: openoffice
2008-09-04 00:00:00
SuSE Update for OpenOffice_org SUSE-SA:2007:052
2009-01-28 00:00:00
Ubuntu Update for openoffice.org/-amd64 vulnerability USN-524-1
2009-03-23 00:00:00
freebsd
freebsd
openoffice -- arbitrary command execution vulnerability
2007-09-19 00:00:00
debian
debian
osv
osv
openoffice.org - buffer overflow
2007-09-17 00:00:00
oraclelinux
oraclelinux
Important: openoffice.org security update
2007-09-18 00:00:00
securityvulns
securityvulns
fedora
fedora
[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.24
2007-09-18 22:20:37
[SECURITY] Fedora 7 Update: openoffice.org-2.2.1-18.2.fc7
2007-10-04 18:47:11
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.5.fc7
2007-12-07 18:17:15
gentoo
gentoo
OpenOffice.org: Heap-based buffer overflow
2007-10-23 00:00:00
centos
centos
openoffice.org, openoffice.org2 security update
2007-09-18 16:25:22
prion
prion
Integer overflow
2007-09-18 21:17:00
redhat
redhat
(RHSA-2007:0848) Important: openoffice.org security update
2007-09-18 00:00:00
ubuntucve
ubuntucve
CVE-2007-2834
2007-09-18 00:00:00
suse
suse
remote code execution in OpenOffice_org
2007-09-21 13:55:00
cve
cve
CVE-2007-2834
2007-09-18 21:17:00
7.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.945 High
EPSS
Percentile
99.2%
Related for USN-524-1