CVE-2007-2834
Published: 18 September 2007
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
Notes
Author | Note |
---|---|
jdstrand | upstream says fixed in 2.3.0, but gutsy has 2.3.0~rc1-1ubuntu2. Flagging as needed until can confirm it is not. on 2007/09/27 kees said that calc was taking care of it |
Priority
Status
Package | Release | Status |
---|---|---|
openoffice.org Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.2-2ubuntu12.5)
|
edgy |
Released
(2.0.4-0ubuntu7)
|
|
feisty |
Released
(2.2.0-1ubuntu5)
|
|
upstream |
Released
(2.3.0)
|