Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3117

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2006-3117
Last Modified 17 Oct 2011 12:00:00
Published 30 Jun 2006 02:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3117

Summary

Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."

Vulnerable Systems

Application

  • Openoffice 1.1.0

  • Openoffice 1.1.1

  • Openoffice 1.1.2

  • Openoffice 1.1.3

  • Openoffice 1.1.4

  • Openoffice 2.0

  • Openoffice 2.0.0

  • Openoffice 2.0.1

  • Openoffice 2.0.2

  • Sun Staroffice 6.0

  • Sun Staroffice 7.0

  • Sun Staroffice 8.0


References

CONFIRM - http://www.openoffice.org/security/CVE-2006-3117.html

MISC - http://www.ngssoftware.com/advisories/openoffice.txt

SUNALERT - 102501

CONFIRM - https://issues.rpath.com/browse/RPL-475

XF - openoffice-xml-document-bo(27571)

VUPEN - ADV-2006-2621

VUPEN - ADV-2006-2607

UBUNTU - USN-313-2

UBUNTU - USN-313-1

BID - 18739

BUGTRAQ - 20060926 rPSA-2006-0173-1 openoffice.org

REDHAT - RHSA-2006:0573

SUSE - SUSE-SA:2006:040

MANDRIVA - MDKSA-2006:118

DEBIAN - DSA-1104

SECTRACK - 1016414

GENTOO - GLSA-200607-12

SECUNIA - 23620

SECUNIA - 22129

SECUNIA - 21278

SECUNIA - 20995

SECUNIA - 20975

SECUNIA - 20913

SECUNIA - 20911

SECUNIA - 20910

SECUNIA - 20893

SECUNIA - 20867

FEDORA - FEDORA-2007-005


Last Updated: 27 May 2016 10:42:54