Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в OpenOffice
Опубликовано:20 апреля 2008 г.
Источник:
SecurityVulns ID:8926
Тип:клиент
Уровень опасности:
6/10
Описание:Многочисленные переполнения буфера и целочисленные переполнения при разборе файлов QPRO (Quattro Pro), EMF и Microsoft Office.
CVE:CVE-2008-0320
 CVE-2007-5747 (Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.)
 CVE-2007-5746
 CVE-2007-5745 (Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability (20.04.2008)
 documentIDEFENSE, iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities (20.04.2008)
 documentIDEFENSE, iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability (20.04.2008)
 documentIDEFENSE, iDefense Security Advisory 04.17.08: Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability (20.04.2008)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород