- Home
- CVEs with nessus.description==iDefense reports :
Remote exploitation of multiple integer overflow vulnerabilities
within OpenOffice, as included in various vendors' operating system
distributions, allows attackers to execute arbitrary code.
These vulnerabilities exist within the TIFF parsing code of the
OpenOffice suite. When parsing the TIFF directory entries for certain
tags, the parser uses untrusted values from the file to calculate the
amount of memory to allocate. By providing specially crafted values,
an integer overflow occurs in this calculation. This results in the
allocation of a buffer of insufficient size, which in turn leads to a
heap overflow.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top