Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenOffice < 3.1.1 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a program that is vulnerable to multiple attack vectors.

Description

The version of OpenOffice is earlier than 3.1.1. Such versions are potentially affected by several issues :

- A boundary error when parsing certain records can be exploited to cause a heap-based buffer overflow via a specially crafted document. (CVE-2009-0201)

- An integer underflow error when parsing certain records in the document table. (CVE-2009-0200)

- A vulnerability in the parser of EMFS files can lead to the execution of arbitrary commands. (CVE-2009-2139)

Solution

Upgrade to OpenOffice version 3.1.1 or later.