Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openoffice.org | Sun | * | 2.3.0 (including) |
Openoffice.org | Sun | 1.1.0 (including) | 1.1.0 (including) |
Openoffice.org | Sun | 2.0.0 (including) | 2.0.0 (including) |
Openoffice.org | Sun | 2.1.0 (including) | 2.1.0 (including) |
Openoffice.org | Sun | 2.2.0 (including) | 2.2.0 (including) |