FreeBSD : openoffice -- DOC document heap overflow vulnerability (b206dd82-ac67-11d9-a788-0001020eed82)
Medium Nessus Plugin ID 19084
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionAD-LAB reports that a heap-based buffer overflow vulnerability exists in OpenOffice's handling of DOC documents. When reading a DOC document 16 bit from a 32 bit integer is used for memory allocation, but the full 32 bit is used for further processing of the document. This can allow an attacker to crash OpenOffice, or potentially execute arbitrary code as the user running OpenOffice, by tricking an user into opening a specially crafted DOC document.
SolutionUpdate the affected packages.