icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

OpenOffice < 2.4.1 rtl_allocateMemory Integer Overflow

Medium

Synopsis

The remote Windows host has a program affected by an integer overflow vulnerability.

Description

The version of OpenOffice installed on the remote host reportedly contains an integer overflow vulnerability in 'rtl_allocateMemory()', a custom memory allocation function used by the application. If an attacker can trick a user on the affected system, he can leverage this issue to execute arbitrary code subject to his privileges.

Solution

Upgrade to OpenOffice version 2.4.1 or later.