CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
95.4%
Multiple memory overflow flaws were discovered in OpenOffice.orgβs handling of
WMF and EMF files. If a user were tricked into opening a specially crafted
document, a remote attacker might be able to execute arbitrary code with user
privileges. (CVE-2008-2237, CVE-2008-2238)
Dmitry E. Oboukhov discovered that senddoc, as included in OpenOffice.org,
created temporary files in an insecure way. Local users could exploit a race
condition to create or overwrite files with the privileges of the user invoking
the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2008-4937)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.10 | noarch | openoffice.org-core | <Β 1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | cli-uno-bridge | <Β 1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | libmythes-dev | <Β 1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | mozilla-openoffice.org | <Β 1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β 1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β base-1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β base-core-1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β calc-1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β core-1:2.4.1-11ubuntu2.1 | UNKNOWN |
Ubuntu | 8.10 | noarch | openoffice.org | <Β dev-1:2.4.1-11ubuntu2.1 | UNKNOWN |