CVE - CVE-2007-0245

CVE-ID
CVE-2007-0245	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20070613 High risk vulnerability in OpenOffice RTF parser URL:http://www.securityfocus.com/archive/1/471274/100/0/threaded CONFIRM:http://sw.openoffice.org/source/browse/sw/sw/source/filter/rtf/swparrtf.cxx?rev=1.67 CONFIRM:https://issues.rpath.com/browse/RPL-1570 DEBIAN:DSA-1307 URL:http://www.debian.org/security/2007/dsa-1307 GENTOO:GLSA-200707-02 URL:http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml MANDRIVA:MDKSA-2007:144 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:144 REDHAT:RHSA-2007:0406 URL:http://www.redhat.com/support/errata/RHSA-2007-0406.html SGI:20070602-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc SUNALERT:102917 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102917-1 SUSE:SUSE-SA:2007:037 URL:http://www.novell.com/linux/security/advisories/2007_37_openoffice.html UBUNTU:USN-482-1 URL:http://www.ubuntu.com/usn/usn-482-1 BID:24450 URL:http://www.securityfocus.com/bid/24450 OSVDB:35378 URL:http://osvdb.org/35378 OVAL:oval:org.mitre.oval:def:10002 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10002 VUPEN:ADV-2007-2166 URL:http://www.vupen.com/english/advisories/2007/2166 VUPEN:ADV-2007-2229 URL:http://www.vupen.com/english/advisories/2007/2229 SECTRACK:1018239 URL:http://www.securitytracker.com/id?1018239 SECUNIA:25648 URL:http://secunia.com/advisories/25648 SECUNIA:25650 URL:http://secunia.com/advisories/25650 SECUNIA:25673 URL:http://secunia.com/advisories/25673 SECUNIA:25705 URL:http://secunia.com/advisories/25705 SECUNIA:25862 URL:http://secunia.com/advisories/25862 SECUNIA:25894 URL:http://secunia.com/advisories/25894 SECUNIA:25905 URL:http://secunia.com/advisories/25905 SECUNIA:26010 URL:http://secunia.com/advisories/26010 SECUNIA:26022 URL:http://secunia.com/advisories/26022 SECUNIA:26476 URL:http://secunia.com/advisories/26476 XF:openoffice-rtf-bo(34843) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34843
Assigning CNA
N/A
Date Entry Created
20070116	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070116)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org