Veracode Vulnerability DatabaseVERACODE:24559Arbitrary Code Execution
0.013 Low
EPSS
Percentile
85.8%
openoffice.org is vulnerable to arbitrary code execution. The vulnerability exist as a heap-based buffer overflow flaw was found in the way OpenOffice.org parsed certain Microsoft Office PowerPoint files. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org.
References
osvdb.org/70717
secunia.com/advisories/40775
secunia.com/advisories/42999
secunia.com/advisories/43065
secunia.com/advisories/43105
secunia.com/advisories/60799
ubuntu.com/usn/usn-1056-1
www.debian.org/security/2011/dsa-2151
www.gentoo.org/security/en/glsa/glsa-201408-19.xml
www.mandriva.com/security/advisories?name=MDVSA-2011:027
www.openoffice.org/security/cves/CVE-2010-4253.html
www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
www.redhat.com/support/errata/RHSA-2011-0182.html
www.securityfocus.com/bid/46031
www.securitytracker.com/id?1025002
www.vupen.com/english/advisories/2011/0230
www.vupen.com/english/advisories/2011/0232
www.vupen.com/english/advisories/2011/0279
access.redhat.com/errata/RHSA-2011:0182
access.redhat.com/errata/RHSA-2011:0183
access.redhat.com/security/cve/CVE-2010-4253
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=658259
Related
