Описание
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
Отчет
This issue is not planned to be fixed in Red Hat Enterprise Linux 5, as its impact is mitigated by standard glibc protection mechanisms to cause only application abort. Red Hat Security Response Team does not consider a user-assisted crash (abort) of a client application, such as OpenOffice.org Impress tool, to be a security issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | openoffice.org | Affected | ||
| Red Hat Enterprise Linux 6 | openoffice.org | Affected | ||
| Red Hat Enterprise Linux 3 | openoffice.org | Fixed | RHSA-2010:0643 | 23.08.2010 |
| Red Hat Enterprise Linux 4 | openoffice.org | Fixed | RHSA-2010:0643 | 23.08.2010 |
| Red Hat Enterprise Linux 4 | openoffice.org2 | Fixed | RHSA-2010:0643 | 23.08.2010 |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS2
Связанные уязвимости
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
Integer overflow in simpress.bin in the Impress module in OpenOffice.o ...
Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
Уязвимость модуля Impress офисного пакета OpenOffice, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
6.8 Medium
CVSS2