1. CVE-Search
  2. CVE-2007-5747
ID CVE-2007-5747
Summary Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:openoffice.org:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openoffice.org:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:openoffice.org:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openoffice.org:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:openoffice.org:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openoffice.org:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:openoffice.org:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openoffice.org:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:openoffice.org:2.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:openoffice.org:2.3.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-04-29T04:13:00.694-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.
family unix
id oval:org.mitre.oval:def:11298
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.
version 30
redhat via4
advisories
rhsa
id RHSA-2008:0175
rpms
  • openoffice.org-base-1:2.0.4-5.4.26
  • openoffice.org-calc-1:2.0.4-5.4.26
  • openoffice.org-core-1:2.0.4-5.4.26
  • openoffice.org-debuginfo-1:2.0.4-5.4.26
  • openoffice.org-draw-1:2.0.4-5.4.26
  • openoffice.org-emailmerge-1:2.0.4-5.4.26
  • openoffice.org-graphicfilter-1:2.0.4-5.4.26
  • openoffice.org-impress-1:2.0.4-5.4.26
  • openoffice.org-javafilter-1:2.0.4-5.4.26
  • openoffice.org-langpack-af_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ar-1:2.0.4-5.4.26
  • openoffice.org-langpack-as_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-bg_BG-1:2.0.4-5.4.26
  • openoffice.org-langpack-bn-1:2.0.4-5.4.26
  • openoffice.org-langpack-ca_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-cs_CZ-1:2.0.4-5.4.26
  • openoffice.org-langpack-cy_GB-1:2.0.4-5.4.26
  • openoffice.org-langpack-da_DK-1:2.0.4-5.4.26
  • openoffice.org-langpack-de-1:2.0.4-5.4.26
  • openoffice.org-langpack-el_GR-1:2.0.4-5.4.26
  • openoffice.org-langpack-es-1:2.0.4-5.4.26
  • openoffice.org-langpack-et_EE-1:2.0.4-5.4.26
  • openoffice.org-langpack-eu_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-fi_FI-1:2.0.4-5.4.26
  • openoffice.org-langpack-fr-1:2.0.4-5.4.26
  • openoffice.org-langpack-ga_IE-1:2.0.4-5.4.26
  • openoffice.org-langpack-gl_ES-1:2.0.4-5.4.26
  • openoffice.org-langpack-gu_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-he_IL-1:2.0.4-5.4.26
  • openoffice.org-langpack-hi_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-hr_HR-1:2.0.4-5.4.26
  • openoffice.org-langpack-hu_HU-1:2.0.4-5.4.26
  • openoffice.org-langpack-it-1:2.0.4-5.4.26
  • openoffice.org-langpack-ja_JP-1:2.0.4-5.4.26
  • openoffice.org-langpack-kn_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ko_KR-1:2.0.4-5.4.26
  • openoffice.org-langpack-lt_LT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ml_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-mr_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-ms_MY-1:2.0.4-5.4.26
  • openoffice.org-langpack-nb_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nl-1:2.0.4-5.4.26
  • openoffice.org-langpack-nn_NO-1:2.0.4-5.4.26
  • openoffice.org-langpack-nr_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-nso_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-or_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pa_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-pl_PL-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_BR-1:2.0.4-5.4.26
  • openoffice.org-langpack-pt_PT-1:2.0.4-5.4.26
  • openoffice.org-langpack-ru-1:2.0.4-5.4.26
  • openoffice.org-langpack-sk_SK-1:2.0.4-5.4.26
  • openoffice.org-langpack-sl_SI-1:2.0.4-5.4.26
  • openoffice.org-langpack-sr_CS-1:2.0.4-5.4.26
  • openoffice.org-langpack-ss_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-st_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-sv-1:2.0.4-5.4.26
  • openoffice.org-langpack-ta_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-te_IN-1:2.0.4-5.4.26
  • openoffice.org-langpack-th_TH-1:2.0.4-5.4.26
  • openoffice.org-langpack-tn_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-tr_TR-1:2.0.4-5.4.26
  • openoffice.org-langpack-ts_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-ur-1:2.0.4-5.4.26
  • openoffice.org-langpack-ve_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-xh_ZA-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_CN-1:2.0.4-5.4.26
  • openoffice.org-langpack-zh_TW-1:2.0.4-5.4.26
  • openoffice.org-langpack-zu_ZA-1:2.0.4-5.4.26
  • openoffice.org-math-1:2.0.4-5.4.26
  • openoffice.org-pyuno-1:2.0.4-5.4.26
  • openoffice.org-testtools-1:2.0.4-5.4.26
  • openoffice.org-writer-1:2.0.4-5.4.26
  • openoffice.org-xsltfilter-1:2.0.4-5.4.26
  • openoffice.org2-base-1:2.0.4-5.7.0.4.0
  • openoffice.org2-calc-1:2.0.4-5.7.0.4.0
  • openoffice.org2-core-1:2.0.4-5.7.0.4.0
  • openoffice.org2-debuginfo-1:2.0.4-5.7.0.4.0
  • openoffice.org2-draw-1:2.0.4-5.7.0.4.0
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.4.0
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-impress-1:2.0.4-5.7.0.4.0
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.4.0
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.4.0
  • openoffice.org2-math-1:2.0.4-5.7.0.4.0
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.4.0
  • openoffice.org2-testtools-1:2.0.4-5.7.0.4.0
  • openoffice.org2-writer-1:2.0.4-5.7.0.4.0
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.4.0
refmap via4
bid 28819
confirm
debian DSA-1547
fedora FEDORA-2008-3251
gentoo GLSA-200805-16
idefense 20080417 Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
mandriva MDVSA-2008:095
misc https://bugzilla.redhat.com/show_bug.cgi?id=435681
sectrack 1019891
secunia
  • 29852
  • 29864
  • 29871
  • 29910
  • 29913
  • 29987
  • 30100
  • 30179
sunalert 231601
suse SUSE-SA:2008:023
ubuntu USN-609-1
vupen
  • ADV-2008-1253
  • ADV-2008-1375
xf openoffice-quattropro-code-execution(41881)
saint via4
bid 28819
description OpenOffice OLE importer DocumentSummaryInformation buffer overflow
id misc_openoffice
osvdb 44472
title openoffice_ole_importer
type client
Last major update 29-09-2017 - 01:29
Published 17-04-2008 - 19:05
Last modified 29-09-2017 - 01:29
Back to Top