CVE Vulnerabilities

CVE-2007-5746

Published: Apr 17, 2008 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Openoffice.org Openoffice 2.0.3 2.0.3
Openoffice.org Openoffice 2.1 2.1
Openoffice.org Openoffice 2.2 2.2
Openoffice.org Openoffice 2.2.1 2.2.1
Openoffice.org Openoffice 2.3 2.3
Openoffice.org Openoffice 2.3.1 2.3.1
Red Hat Enterprise Linux 3 RedHat openoffice.org-0:1.1.2-41.2.0.EL3 *
Red Hat Enterprise Linux 4 RedHat openoffice.org2-1:2.0.4-5.7.0.4.0 *
Red Hat Enterprise Linux 4 RedHat openoffice.org-0:1.1.5-10.6.0.3.EL4 *
Red Hat Enterprise Linux 5 RedHat openoffice.org-1:2.0.4-5.4.26 *
Openoffice.org Ubuntu dapper *
Openoffice.org Ubuntu feisty *
Openoffice.org Ubuntu gutsy *
Openoffice.org Ubuntu upstream *
Openoffice.org-amd64 Ubuntu dapper *

References