FreeBSD : openoffice -- arbitrary command execution vulnerability (e595e170-6771-11dc-8be8-02e0185f8d72)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

iDefense reports :

Remote exploitation of multiple integer overflow vulnerabilities
within OpenOffice, as included in various vendors' operating system
distributions, allows attackers to execute arbitrary code.

These vulnerabilities exist within the TIFF parsing code of the
OpenOffice suite. When parsing the TIFF directory entries for certain
tags, the parser uses untrusted values from the file to calculate the
amount of memory to allocate. By providing specially crafted values,
an integer overflow occurs in this calculation. This results in the
allocation of a buffer of insufficient size, which in turn leads to a
heap overflow.
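The size calculation described above, shown as an added example that is not part of the advisory or of OpenOffice's code: a constructed model of a TIFF directory entry where the 32-bit count-times-size product wraps, beside a checked version. The struct layout, function names and the extra file-length bound are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a TIFF directory entry; every field is read from the file. */
struct ifd_entry {
    uint16_t tag;
    uint16_t type;    /* TIFF field type: 1 BYTE, 2 ASCII, 3 SHORT, 4 LONG, 5 RATIONAL */
    uint32_t count;   /* untrusted: number of values of that type */
    uint32_t offset;  /* untrusted: where the values start in the file */
};

/* Bytes per value for field types 1..5; 0 means "unknown type". */
static uint32_t type_size(uint16_t type) {
    static const uint32_t sizes[] = {0, 1, 1, 2, 4, 8};
    return type < 6 ? sizes[type] : 0;
}

/* Unchecked pattern: the 32-bit product silently wraps, so a huge count
 * can yield a tiny allocation size while later code still trusts count. */
uint32_t alloc_size_unchecked(const struct ifd_entry *e) {
    return e->count * type_size(e->type);
}

/* Checked pattern: returns 0 and sets *out, or -1 if the entry is rejected. */
int alloc_size_checked(const struct ifd_entry *e, size_t file_len, uint32_t *out) {
    uint32_t sz = type_size(e->type);
    if (sz == 0 || e->count == 0) return -1;
    if (e->count > UINT32_MAX / sz) return -1;      /* product would wrap */
    uint32_t total = e->count * sz;
    /* The values must also fit inside the file that was actually supplied. */
    if (e->offset > file_len || total > file_len - e->offset) return -1;
    *out = total;
    return 0;
}

int main(void) {
    struct ifd_entry e = {0x0102, 4, 0x40000001u, 8};  /* constructed sample entry */
    uint32_t n = 0;
    printf("unchecked size: %u\n", (unsigned)alloc_size_unchecked(&e));
    printf("checked result: %d\n", alloc_size_checked(&e, 100, &n));
    return 0;
}
```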

See also :

http://www.nessus.org/u?fc9d165f
http://www.nessus.org/u?7e1a4c25

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 56500

Bugtraq ID:

CVE ID: CVE-2007-2834
