ID CVE-2007-4251
Summary OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service.
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openoffice:openoffice:2.2:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 15-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bugtraq 20070804 [ELEYTT] 4SIERPIEN2007
osvdb 46766
sectrack 1018544
sreason 3004
xf openoffice-fileextension-dos(35806)
statements via4
  • contributor Vincent Danen
    lastmodified 2007-09-18
    organization Mandriva
    statement This issue crashes OpenOffice.org only if a user opens a malicious document. Mandriva does not consider this a security issue.
  • contributor Mark J Cox
    lastmodified 2007-08-14
    organization Red Hat
    statement Red Hat does not consider this flaw a security issue. This flaw will only crash OpenOffice.org if a victim opens a malicious document.
Last major update 15-10-2018 - 21:34
Published 08-08-2007 - 23:17
Back to Top