Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openoffice.org | Openoffice | 2.0 (including) | 2.0 (including) |
Openoffice.org | Openoffice | 2.1 (including) | 2.1 (including) |
Openoffice.org | Openoffice | 2.2 (including) | 2.2 (including) |
Openoffice.org | Openoffice | 2.3 (including) | 2.3 (including) |
Openoffice.org | Openoffice | 2.4 (including) | 2.4 (including) |