Lucene search
UbuntuUSN-524-1HistoryOct 04, 2007 - 12:00 a.m.
OpenOffice.org vulnerability
2007-10-0400:00:00
ubuntu.com
40
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.881
Percentile
98.7%
Releases
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06
Packages
- openoffice.org -
- openoffice.org-amd64 -
Details
An integer overflow was discovered in the TIFF handling code in OpenOffice.
If a user were tricked into loading a malicious TIFF image, a remote attacker
could execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 7.04 | noarch | openoffice.org-core | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libmythes-dev | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libuno-cil | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-base | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-calc | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-dev | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-draw | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-evolution | < 2.2.0-1ubuntu5 | UNKNOWN |
| Ubuntu | 7.04 | noarch | openoffice.org-filter-binfilter | < 2.2.0-1ubuntu5 | UNKNOWN |
References
Related
freebsd
freebsd
openoffice -- arbitrary command execution vulnerability
2007-09-19 00:00:00
nessus
nessus
SuSE 10 Security Update : OpenOffice (ZYPP Patch Number 4320)
2007-12-13 00:00:00
openvas
openvas
FreeBSD Ports: openoffice
2008-09-04 00:00:00
SuSE Update for OpenOffice_org SUSE-SA:2007:052
2009-01-28 00:00:00
Gentoo Security Advisory GLSA 200710-24 (openoffice)
2008-09-24 00:00:00
debian
debian
checkpoint_advisories
checkpoint_advisories
OpenOffice TIFF File Parsing Integer Overflow (CVE-2007-2834)
2009-10-19 00:00:00
oraclelinux
oraclelinux
Important: openoffice.org security update
2007-09-18 00:00:00
gentoo
gentoo
OpenOffice.org: Heap-based buffer overflow
2007-10-23 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.24
2007-09-18 22:20:37
[SECURITY] Fedora 7 Update: openoffice.org-2.2.1-18.2.fc7
2007-10-04 18:47:11
[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.5.fc7
2007-12-07 18:17:15
securityvulns
securityvulns
osv
osv
openoffice.org - buffer overflow
2007-09-17 00:00:00
centos
centos
openoffice.org, openoffice.org2 security update
2007-09-18 16:25:22
suse
suse
remote code execution in OpenOffice_org
2007-09-21 13:55:00
cve
cve
CVE-2007-2834
2007-09-18 21:17:00
prion
prion
Integer overflow
2007-09-18 21:17:00
nvd
nvd
CVE-2007-2834
2007-09-18 21:17:00
redhat
redhat
(RHSA-2007:0848) Important: openoffice.org security update
2007-09-18 00:00:00
ubuntucve
ubuntucve
CVE-2007-2834
2007-09-18 00:00:00
cvelist
cvelist
CVE-2007-2834
2007-09-18 21:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.881
Percentile
98.7%
Related for USN-524-1