Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openoffice.org | Openoffice | 3.2.1 | 3.2.1 |