OpenOffice < 3.1.1 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5145
SynopsisThe remote host has a program that is vulnerable to multiple attack vectors.
DescriptionThe version of OpenOffice is earlier than 3.1.1. Such versions are potentially affected by several issues :
- A boundary error when parsing certain records can be exploited to cause a heap-based buffer overflow via a specially crafted document. (CVE-2009-0201)
- An integer underflow error when parsing certain records in the document table. (CVE-2009-0200)
- A vulnerability in the parser of EMFS files can lead to the execution of arbitrary commands. (CVE-2009-2139)
SolutionUpgrade to OpenOffice version 3.1.1 or later.