Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0320

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0320
Last Modified 07 Mar 2011 12:00:00
Published 17 Apr 2008 03:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0320

Summary

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.

Vulnerable Systems

Application

  • Openoffice.org 2.0.3

  • Openoffice.org 2.1

  • Openoffice.org 2.2

  • Openoffice.org 2.2.1

  • Openoffice.org 2.3

  • Openoffice.org 2.3.1


References

FEDORA - FEDORA-2008-3251

XF - openoffice-ole-bo(41860)

VUPEN - ADV-2008-1375

VUPEN - ADV-2008-1253

UBUNTU - USN-609-1

SECTRACK - 1019890

BID - 28819

REDHAT - RHSA-2008:0176

REDHAT - RHSA-2008:0175

CONFIRM - http://www.openoffice.org/security/cves/CVE-2008-0320.html

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-5745.html

CONFIRM - http://www.openoffice.org/security/cves/CVE-2007-4770.html

CONFIRM - http://www.openoffice.org/security/bulletin.html

SUSE - SUSE-SA:2008:023

MANDRIVA - MDVSA-2008:095

MANDRIVA - MDVSA-2008:090

DEBIAN - DSA-1547

SUNALERT - 231642

GENTOO - GLSA-200805-16

SECUNIA - 30179

SECUNIA - 30100

SECUNIA - 29987

SECUNIA - 29913

SECUNIA - 29910

SECUNIA - 29871

SECUNIA - 29864

SECUNIA - 29852

SECUNIA - 29844

IDEFENSE - 20080417 Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability


Last Updated: 27 May 2016 10:46:46