Sun OpenOffice.org < 2.3 TIFF Parser Buffer Overflow Vulnerabilities
High Nessus Plugin ID 26064
SynopsisThe remote Windows host has a program that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe remote host is running a version of Sun Microsystems OpenOffice.org that is affected by multiple integer overflows in its TIFF document parser that can be triggered when parsing tags in TIFF directory entries. If a remote attacker can trick a user into opening a specially crafted TIFF document, this issue can be leveraged to execute arbitrary code on the remote host subject to the user's privileges.
SolutionUpgrade to Sun Microsystems OpenOffice.org version 2.3 or later.