Download
| Alert*
oval:org.secpod.oval:def:301413
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. oval:org.secpod.oval:def:301460 Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents ... oval:org.secpod.oval:def:19928 The host is installed with OpenOffice.org 2.x before 2.4 and is prone to integer overflow vulnerability. A flaw is present in application, which fails to properly handle a crafted file. Successful exploitation allows remote attackers to execute arbitrary code. |