ID CVE-2007-5746
Summary Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice.org:2.0.3
    cpe:2.3:a:openoffice:openoffice.org:2.0.3
  • cpe:2.3:a:openoffice:openoffice.org:2.1
    cpe:2.3:a:openoffice:openoffice.org:2.1
  • cpe:2.3:a:openoffice:openoffice.org:2.2
    cpe:2.3:a:openoffice:openoffice.org:2.2
  • cpe:2.3:a:openoffice:openoffice.org:2.2.1
    cpe:2.3:a:openoffice:openoffice.org:2.2.1
  • cpe:2.3:a:openoffice:openoffice.org:2.3
    cpe:2.3:a:openoffice:openoffice.org:2.3
  • cpe:2.3:a:openoffice:openoffice.org:2.3.1
    cpe:2.3:a:openoffice:openoffice.org:2.3.1
CVSS
Base: 6.8 (as of 17-04-2008 - 15:34)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
metasploit via4
description This module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
id MSF:EXPLOIT/WINDOWS/FILEFORMAT/OPENOFFICE_OLE
last seen 2019-02-16
modified 2017-07-24
published 2012-05-23
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/openoffice_ole.rb
title OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG2_ON_SL4_5_AND_4_6.NASL
    description Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60388
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60388
    title Scientific Linux Security Update : openoffice.org2 on SL4.5 and 4.6 i386/x86_64
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200805-16.NASL
    description The remote host is affected by the vulnerability described in GLSA-200805-16 (OpenOffice.org: Multiple vulnerabilities) iDefense Labs reported multiple vulnerabilities in OpenOffice.org: multiple heap-based buffer overflows when parsing the 'Attribute' and 'Font' Description records of Quattro Pro (QPRO) files (CVE-2007-5745), an integer overflow when parsing the EMR_STRETCHBLT record of an EMF file, resulting in a heap-based buffer overflow (CVE-2007-5746), an integer underflow when parsing Quattro Pro (QPRO) files, resulting in an excessive loop and a stack-based buffer overflow (CVE-2007-5747), and a heap-based buffer overflow when parsing the 'DocumentSummaryInformation' stream in an OLE file (CVE-2008-0320). Furthermore, Will Drewry (Google Security) reported vulnerabilities in the memory management of the International Components for Unicode (CVE-2007-4770, CVE-2007-4771), which was resolved with GLSA 200803-20. However, the binary version of OpenOffice.org uses an internal copy of said library. Impact : A remote attacker could entice a user to open a specially crafted document, possibly resulting in the remote execution of arbitrary code with the privileges of the user running OpenOffice.org. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 32353
    published 2008-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32353
    title GLSA-200805-16 : OpenOffice.org: Multiple vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0176.NASL
    description Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 32019
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32019
    title RHEL 3 / 4 : openoffice.org (RHSA-2008:0176)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-095.NASL
    description A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents (CVE-2007-4575). A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened (CVE-2007-5746). Multiple heap overflows and an integer underflow were discovered in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org ro crash or potentially execute arbitrary code (CVE-2007-5745, CVE-2007-5747). A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code (CVE-2008-0320). The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37969
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37969
    title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0176.NASL
    description Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31997
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31997
    title CentOS 3 / 4 : openoffice.org (CESA-2008:0176)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0176.NASL
    description From Red Hat Security Advisory 2008:0176 : Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67666
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67666
    title Oracle Linux 3 / 4 : openoffice.org (ELSA-2008-0176)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG_ON_SL3_X.NASL
    description A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60389
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60389
    title Scientific Linux Security Update : openoffice.org on SL3.x, SL4.x i386/x86_64
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080417_OPENOFFICE_ORG_ON_SL5_X.NASL
    description Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60390
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60390
    title Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
  • NASL family Windows
    NASL id OPENOFFICE_240.NASL
    description The version of Sun Microsystems OpenOffice.org installed on the remote host is affected by several issues : - Heap overflow and arbitrary code execution vulnerabilities involving ODF text documents with XForms (CVE-2007-4770/4771). - Heap overflow and arbitrary code execution vulnerabilities involving Quattro Pro files (CVE-2007-5745/5747). - Heap overflow and arbitrary code execution vulnerabilities involving EMF files (CVE-2007-5746). - Heap overflow and arbitrary code execution vulnerabilities involving OLE files (CVE-2008-0320).
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 31968
    published 2008-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31968
    title Sun OpenOffice.org < 2.4 Multiple Vulnerabilities
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-609-1.NASL
    description It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. (CVE-2007-4575) Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 32189
    published 2008-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32189
    title Ubuntu 6.06 LTS / 7.04 / 7.10 : hsqldb, openoffice.org/-amd64 vulnerabilities (USN-609-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-4104.NASL
    description Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files can lead to heap overflows and arbitrary code execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-01-11
    plugin id 32385
    published 2008-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32385
    title Fedora 7 : openoffice.org-2.3.0-6.8.fc7 (2008-4104)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0175.NASL
    description Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 32018
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32018
    title RHEL 4 / 5 : openoffice.org (RHSA-2008:0175)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0175.NASL
    description Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747) A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746) A heap overflow flaw was found in the OLE Structured Storage file parser. (OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31996
    published 2008-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31996
    title CentOS 4 / 5 : openoffice.org / openoffice.org2 (CESA-2008:0175)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-3251.NASL
    description Following security issues were addressed in this update: # CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution # CVE-2007-5746: Manipulated EMF files can lead to heap overflows and arbitrary code execution # CVE-2008-0320: Manipulated OLE files can lead to heap overflows and arbitrary code execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-01-11
    plugin id 32042
    published 2008-04-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32042
    title Fedora 8 : openoffice.org-2.3.0-6.14.fc8 (2008-3251)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1547.NASL
    description Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOffice.org parses Quattro Pro files that may lead to a overflow in the heap potentially leading to the execution of arbitrary code. - CVE-2007-5746 Specially crafted EMF files can trigger a buffer overflow in the heap that may lead to the execution of arbitrary code. - CVE-2008-0320 A bug has been discovered in the processing of OLE files that can cause a buffer overflow in the heap potentially leading to the execution of arbitrary code. Recently reported problems in the ICU library are fixed in separate libicu packages with DSA 1511 against which OpenOffice.org is linked.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 31969
    published 2008-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31969
    title Debian DSA-1547-1 : openoffice.org - several vulnerabilities
oval via4
accepted 2013-04-29T04:03:59.187-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
family unix
id oval:org.mitre.oval:def:10249
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2008:0175
  • rhsa
    id RHSA-2008:0176
rpms
  • openoffice.org2-base-1:2.0.4-5.7.0.4.0
  • openoffice.org2-calc-1:2.0.4-5.7.0.4.0
  • openoffice.org2-core-1:2.0.4-5.7.0.4.0
  • openoffice.org2-draw-1:2.0.4-5.7.0.4.0
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.4.0
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-impress-1:2.0.4-5.7.0.4.0
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-math-1:2.0.4-5.7.0.4.0
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.4.0
  • openoffice.org2-testtools-1:2.0.4-5.7.0.4.0
  • openoffice.org2-writer-1:2.0.4-5.7.0.4.0
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.4.0
  • openoffice.org-base-1:2.0.4-5.4.26
  • openoffice.org-calc-1:2.0.4-5.4.26
  • openoffice.org-core-1:2.0.4-5.4.26
  • openoffice.org-draw-1:2.0.4-5.4.26
  • openoffice.org-emailmerge-1:2.0.4-5.4.26
  • openoffice.org-graphicfilter-1:2.0.4-5.4.26
  • openoffice.org-impress-1:2.0.4-5.4.26
  • openoffice.org-javafilter-1:2.0.4-5.4.26
  • openoffice.org-langpack-af_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ar-1:2.0.4-5.4.26
  • openoffice.org-langpack-as_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-bg_BG-1:2.0.4-5.4.26
  • openoffice.org-langpack-bn-1:2.0.4-5.4.26
  • openoffice.org-langpack-ca_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-cs_CZ-1:2.0.4-5.4.26
  • openoffice.org-langpack-cy_GB-1:2.0.4-5.4.26
  • openoffice.org-langpack-da_DK-1:2.0.4-5.4.26
  • openoffice.org-langpack-de-1:2.0.4-5.4.26
  • openoffice.org-langpack-el_GR-1:2.0.4-5.4.26
  • openoffice.org-langpack-es-1:2.0.4-5.4.26
  • openoffice.org-langpack-et_EE-1:2.0.4-5.4.26
  • openoffice.org-langpack-eu_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-fi_FI-1:2.0.4-5.4.26
  • openoffice.org-langpack-fr-1:2.0.4-5.4.26
  • openoffice.org-langpack-ga_IE-1:2.0.4-5.4.26
  • openoffice.org-langpack-gl_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-gu_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-he_IL-1:2.0.4-5.4.26
  • openoffice.org-langpack-hi_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-hr_HR-1:2.0.4-5.4.26
  • openoffice.org-langpack-hu_HU-1:2.0.4-5.4.26
  • openoffice.org-langpack-it-1:2.0.4-5.4.26
  • openoffice.org-langpack-ja_JP-1:2.0.4-5.4.26
  • openoffice.org-langpack-kn_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ko_KR-1:2.0.4-5.4.26
  • openoffice.org-langpack-lt_LT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ml_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-mr_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ms_MY-1:2.0.4-5.4.26
  • openoffice.org-langpack-nb_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nl-1:2.0.4-5.4.26
  • openoffice.org-langpack-nn_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nr_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-nso_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-or_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pa_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pl_PL-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_BR-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_PT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ru-1:2.0.4-5.4.26
  • openoffice.org-langpack-sk_SK-1:2.0.4-5.4.26
  • openoffice.org-langpack-sl_SI-1:2.0.4-5.4.26
  • openoffice.org-langpack-sr_CS-1:2.0.4-5.4.26
  • openoffice.org-langpack-ss_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-st_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-sv-1:2.0.4-5.4.26
  • openoffice.org-langpack-ta_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-te_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-th_TH-1:2.0.4-5.4.26
  • openoffice.org-langpack-tn_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-tr_TR-1:2.0.4-5.4.26
  • openoffice.org-langpack-ts_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ur-1:2.0.4-5.4.26
  • openoffice.org-langpack-ve_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-xh_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_CN-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_TW-1:2.0.4-5.4.26
  • openoffice.org-langpack-zu_ZA-1:2.0.4-5.4.26
  • openoffice.org-math-1:2.0.4-5.4.26
  • openoffice.org-pyuno-1:2.0.4-5.4.26
  • openoffice.org-testtools-1:2.0.4-5.4.26
  • openoffice.org-writer-1:2.0.4-5.4.26
  • openoffice.org-xsltfilter-1:2.0.4-5.4.26
  • openoffice.org-0:1.1.2-41.2.0.EL3
  • openoffice.org-i18n-0:1.1.2-41.2.0.EL3
  • openoffice.org-libs-0:1.1.2-41.2.0.EL3
  • openoffice.org-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-i18n-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-kde-0:1.1.5-10.6.0.3.EL4
  • openoffice.org-libs-0:1.1.5-10.6.0.3.EL4
refmap via4
bid 28819
confirm
debian DSA-1547
fedora FEDORA-2008-3251
gentoo GLSA-200805-16
idefense 20080417 Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
mandriva
  • MDVSA-2008:090
  • MDVSA-2008:095
sectrack 1019892
secunia
  • 29844
  • 29852
  • 29864
  • 29871
  • 29910
  • 29913
  • 29987
  • 30100
  • 30179
sunalert 231661
suse SUSE-SA:2008:023
ubuntu USN-609-1
vupen
  • ADV-2008-1253
  • ADV-2008-1375
xf openoffice-emf-bo(41861)
saint via4
bid 28819
description OpenOffice OLE importer DocumentSummaryInformation buffer overflow
id misc_openoffice
osvdb 44472
title openoffice_ole_importer
type client
Last major update 07-03-2011 - 00:00
Published 17-04-2008 - 15:05
Last modified 28-09-2017 - 21:29
Back to Top