[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2006-5870Date: (C)2006-12-31   (M)2018-02-19


Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 9.3
Exploit Score: Exploit Score: 8.6
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
SECTRACK-1017466
SUNALERT-102735
20070101-01-P
http://www.securityfocus.com/archive/1/archive/1/455943/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/455964/100/0/threaded
http://www.securityfocus.com/archive/1/455954/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/456271/100/100/threaded
SECUNIA-23549
SECUNIA-23600
SECUNIA-23612
SECUNIA-23616
SECUNIA-23620
SECUNIA-23682
SECUNIA-23683
SECUNIA-23711
SECUNIA-23712
SECUNIA-23762
SECUNIA-23920
OSVDB-32610
OSVDB-32611
ADV-2007-0031
ADV-2007-0059
DSA-1246
FEDORA-2007-005
GLSA-200701-07
MDKSA-2007:006
RHSA-2007:0001
SUSE-SA:2007:001
USN-406-1
VU#220288
http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/
http://www.openoffice.org/issues/show_bug.cgi?id=70042
http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch
https://issues.rpath.com/browse/RPL-905
openoffice-wmf-bo(31257)

CPE    3
cpe:/a:sun:staroffice:8.0
cpe:/a:sun:staroffice:6.0
cpe:/a:sun:staroffice:7.0
CWE    1
CWE-189

© SecPod Technologies