Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Openoffice
  • Openoffice

Configuration 1 [-]

cpe:2.3:a:openoffice:openoffice:*:*:*:*:*:*:*:*
References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://osvdb.org/35378
http://secunia.com/advisories/25648 Vendor Advisory
http://secunia.com/advisories/25650 Vendor Advisory
http://secunia.com/advisories/25673 Vendor Advisory
http://secunia.com/advisories/25705 Vendor Advisory
http://secunia.com/advisories/25862 Vendor Advisory
http://secunia.com/advisories/25894 Vendor Advisory
http://secunia.com/advisories/25905 Vendor Advisory
http://secunia.com/advisories/26010 Vendor Advisory
http://secunia.com/advisories/26022 Vendor Advisory
http://secunia.com/advisories/26476 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102917-1
http://sw.openoffice.org/source/browse/sw/sw/source/filter/rtf/swparrtf.cxx?rev=1.67
http://www.debian.org/security/2007/dsa-1307 Patch
http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:144
http://www.novell.com/linux/security/advisories/2007_37_openoffice.html
http://www.redhat.com/support/errata/RHSA-2007-0406.html
http://www.securityfocus.com/archive/1/471274/100/0/threaded
http://www.securityfocus.com/bid/24450
http://www.securitytracker.com/id?1018239
http://www.ubuntu.com/usn/usn-482-1
http://www.vupen.com/english/advisories/2007/2166 Vendor Advisory
http://www.vupen.com/english/advisories/2007/2229 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34843
https://issues.rpath.com/browse/RPL-1570
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10002
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-06-12T21:00:00

Updated: 2018-10-16T14:57:01

Reserved: 2007-01-16T00:00:00

Link: CVE-2007-0245

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2007-06-12T21:30:00.000

Modified: 2018-10-16T16:32:00.277

Link: CVE-2007-0245

JSON object: View

cve-icon Redhat Information

No data.

CWE