- Home
- CVEs with nessus.description==Multiple vulnerabilities was discovered and corrected in the OpenOffice.org :
Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow (CVE-2009-2949).
Heap-based buffer overflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression (CVE-2009-2950).
Integer underflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document (CVE-2009-3301).
boundary error flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document (CVE-2009-3302).
Lack of properly enforcing Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document (CVE-2010-0136).
User-assisted remote attackers are able to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed (CVE-2010-0395).
Impress module does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an integer truncation error (CVE-2010-2935).
Integer overflow in the Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow (CVE-2010-2936).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90
This update provides OpenOffice.org packages have been patched to correct these issues and additional dependent packages.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top