fkie_cve-2006-3117
Vulnerability from fkie_nvd
Published
2006-06-30 18:05
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
References
security@debian.orghttp://fedoranews.org/cms/node/2343
security@debian.orghttp://secunia.com/advisories/20867Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20893Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20910Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20911Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20913Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20975Vendor Advisory
security@debian.orghttp://secunia.com/advisories/20995Vendor Advisory
security@debian.orghttp://secunia.com/advisories/21278Vendor Advisory
security@debian.orghttp://secunia.com/advisories/22129Vendor Advisory
security@debian.orghttp://secunia.com/advisories/23620Vendor Advisory
security@debian.orghttp://security.gentoo.org/glsa/glsa-200607-12.xml
security@debian.orghttp://securitytracker.com/id?1016414
security@debian.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1Patch
security@debian.orghttp://www.debian.org/security/2006/dsa-1104
security@debian.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:118
security@debian.orghttp://www.ngssoftware.com/advisories/openoffice.txtPatch
security@debian.orghttp://www.novell.com/linux/security/advisories/2006_40_openoffice.html
security@debian.orghttp://www.openoffice.org/security/CVE-2006-3117.htmlPatch
security@debian.orghttp://www.redhat.com/support/errata/RHSA-2006-0573.htmlVendor Advisory
security@debian.orghttp://www.securityfocus.com/archive/1/447035/100/0/threaded
security@debian.orghttp://www.securityfocus.com/bid/18739
security@debian.orghttp://www.ubuntu.com/usn/usn-313-1
security@debian.orghttp://www.ubuntu.com/usn/usn-313-2
security@debian.orghttp://www.vupen.com/english/advisories/2006/2607Vendor Advisory
security@debian.orghttp://www.vupen.com/english/advisories/2006/2621Vendor Advisory
security@debian.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27571
security@debian.orghttps://issues.rpath.com/browse/RPL-475
security@debian.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704
af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/cms/node/2343
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20867Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20893Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20910Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20911Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20913Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20975Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20995Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/21278Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22129Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23620Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200607-12.xml
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016414
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1Patch
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1104
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:118
af854a3a-2127-422b-91ae-364da2661108http://www.ngssoftware.com/advisories/openoffice.txtPatch
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_40_openoffice.html
af854a3a-2127-422b-91ae-364da2661108http://www.openoffice.org/security/CVE-2006-3117.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0573.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/447035/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18739
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-313-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-313-2
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2607Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2621Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27571
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-475
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704
Impacted products
Vendor Product Version
openoffice openoffice 1.1.0
openoffice openoffice 1.1.1
openoffice openoffice 1.1.2
openoffice openoffice 1.1.3
openoffice openoffice 1.1.4
openoffice openoffice 2.0
openoffice openoffice 2.0.0
openoffice openoffice 2.0.1
openoffice openoffice 2.0.2
sun staroffice 6.0
sun staroffice 7.0
sun staroffice 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73EA7C32-30D8-4367-B2F6-6394408E63B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A063FBBE-4D34-45D0-9AC8-66CFC64D22EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F0436BF-D4B6-4437-A509-FEBB779E4B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24B3240-5110-4810-A37A-C9A0B4A1F856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D14968CA-8FA9-4E71-9C0C-3ABFBE7920C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E667DBA8-23C6-4521-9BAF-17D667886242",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4999E6F1-2983-48B1-8FEF-830DD4845CD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA089E1-3B23-47FA-84BB-81225AD200EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openoffice:openoffice:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "021D5A76-3F8E-4BBC-8776-D8E13F70D26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA77A764-8311-4108-8155-920EC12AC0F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECB60F92-5543-4D1E-8CE1-525D65AECF5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D51979-56BC-46A4-A6FB-45BC56CB6D5B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka \"File Format / Buffer Overflow Vulnerability.\""
    },
    {
      "lang": "es",
      "value": ""
    }
  ],
  "id": "CVE-2006-3117",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-06-30T18:05:00.000",
  "references": [
    {
      "source": "security@debian.org",
      "url": "http://fedoranews.org/cms/node/2343"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20867"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20893"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20910"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20911"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20913"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20975"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20995"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21278"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22129"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23620"
    },
    {
      "source": "security@debian.org",
      "url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
    },
    {
      "source": "security@debian.org",
      "url": "http://securitytracker.com/id?1016414"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2006/dsa-1104"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ngssoftware.com/advisories/openoffice.txt"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openoffice.org/security/CVE-2006-3117.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.securityfocus.com/bid/18739"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.ubuntu.com/usn/usn-313-1"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.ubuntu.com/usn/usn-313-2"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2607"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2621"
    },
    {
      "source": "security@debian.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
    },
    {
      "source": "security@debian.org",
      "url": "https://issues.rpath.com/browse/RPL-475"
    },
    {
      "source": "security@debian.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/cms/node/2343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20910"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20975"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22129"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200607-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ngssoftware.com/advisories/openoffice.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2006_40_openoffice.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openoffice.org/security/CVE-2006-3117.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0573.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/447035/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18739"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-313-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-313-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-475"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9704"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.