Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3301

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-3301
Last Modified 13 Nov 2014 09:59:34
Published 16 Feb 2010 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-3301

Summary

Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.

Vulnerable Systems

Application

  • Sun Openoffice.org 1.1.0

  • Sun Openoffice.org 2.0.0

  • Sun Openoffice.org 2.0.3

  • Sun Openoffice.org 2.1.0

  • Sun Openoffice.org 2.2.0

  • Sun Openoffice.org 2.2.1

  • Sun Openoffice.org 2.3.0

  • Sun Openoffice.org 2.3.1

  • Sun Openoffice.org 2.4.0

  • Sun Openoffice.org 2.4.1

  • Sun Openoffice.org 2.4.2

  • Sun Openoffice.org 2.4.3

  • Sun Openoffice.org 3.0.0

  • Sun Openoffice.org 3.0.1

  • Sun Openoffice.org 3.1.0

  • Sun Openoffice.org 3.1.1


References

CERT - TA10-287A

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=533038

XF - openoffice-word-sprmtdeftable-bo(56240)

VUPEN - ADV-2010-2905

VUPEN - ADV-2010-0635

VUPEN - ADV-2010-0366

UBUNTU - USN-903-1

BID - 38218

REDHAT - RHSA-2010:0101

CONFIRM - http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html

CONFIRM - http://www.openoffice.org/security/bulletin.html

MANDRIVA - MDVSA-2010:221

DEBIAN - DSA-1995

SECTRACK - 1023591

SECUNIA - 38921

SECUNIA - 38695

SECUNIA - 38568

SECUNIA - 38567

SUSE - SUSE-SA:2010:017

GENTOO - GLSA-201408-19

SECUNIA - 60799

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

SECUNIA - 41818


Last Updated: 27 May 2016 10:52:00