5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.039 Low
EPSS
Percentile
91.9%
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and
earlier allocates memory based on 16 bit length values, but process memory
using 32 bit values, which allows remote attackers to cause a denial of
service and possibly execute arbitrary code via a DOC document with certain
length values, which leads to a heap-based buffer overflow.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | openoffice.org-l10n | < 2.0.2-2ubuntu5 | UNKNOWN |
ubuntu | 6.10 | noarch | openoffice.org-l10n | < 2.0.2-2ubuntu5 | UNKNOWN |
ubuntu | 7.04 | noarch | openoffice.org-l10n | < 2.0.2-2ubuntu5 | UNKNOWN |