Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5745

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5745
Last Modified 17 Oct 2011 12:00:00
Published 17 Apr 2008 03:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5745

Summary

Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records.

Vulnerable Systems

Application

  • Openoffice 2.3.1


References

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-5745.html

CONFIRM - http://www.openoffice.org/security/bulletin.html

DEBIAN - DSA-1547

SECUNIA - 29864

FEDORA - FEDORA-2008-3251

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=435678

XF - openoffice-quattropro-bo(41863)

VUPEN - ADV-2008-1375

VUPEN - ADV-2008-1253

UBUNTU - USN-609-1

SECTRACK - 1019891

BID - 28819

REDHAT - RHSA-2008:0175

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-4770.html

SUSE - SUSE-SA:2008:023

MANDRIVA - MDVSA-2008:095

SUNALERT - 231601

GENTOO - GLSA-200805-16

SECUNIA - 30179

SECUNIA - 30100

SECUNIA - 29987

SECUNIA - 29913

SECUNIA - 29910

SECUNIA - 29871

SECUNIA - 29852

IDEFENSE - 20080417 Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities


Last Updated: 27 May 2016 10:46:16