MDVSA-2008:095 -- Mandriva openoffice.orgID: oval:org.secpod.oval:def:301354 | Date: (C)2012-01-07 (M)2022-09-21 |
Class: PATCH | Family: unix |
A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents . A heap overflow was discovered in OpenOffice.org"s EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened . Multiple heap overflows and an integer underflow were discovered in the Quattro Pro import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org ro crash or potentially execute arbitraty code . A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2008.0 |