Ubuntu.comUB:CVE-2009-3569CVE-2009-3569
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.0%
Stack-based buffer overflow in OpenOffice.org (OOo) allows remote attackers
to execute arbitrary code via unspecified vectors, as demonstrated by a
certain module in VulnDisco Pack Professional 8.8, aka “Client-side stack
overflow exploit.” NOTE: as of 20091005, this disclosure has no actionable
information. However, because the VulnDisco Pack author is a reliable
researcher, the issue is being assigned a CVE identifier for tracking
purposes.
Notes
| Author | Note |
|---|---|
| jdstrand | not enough information to do anything. Defer until more information becomes available |
| mdeslaur | still no info as of 2010-11-11, also probably mitigated by stack protector, downgrading to low |
| jdstrand | still no information. Due to stack overflow, marking as protected (just a crasher) and ignoring. Can reopen once more info is available |
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.0%