FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-2834

This CVE name corresponds to:

Entered Topic
2007-09-20 openoffice -- arbitrary command execution vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-2834
Phase Assigned(20070524)

Description

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3, and in Sun StarOffice 6, 7, and 8 Office Suite (StarSuite), allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

References

Source Reference
IDEFENSE 20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities
BUGTRAQ 20070919 FLEA-2007-0056-1 openoffice.org
CONFIRM http://www.openoffice.org/security/cves/CVE-2007-2834.html
CONFIRM https://issues.rpath.com/browse/RPL-1740
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=192818
DEBIAN DSA-1375
FEDORA FEDORA-2007-700
FEDORA FEDORA-2007-2372
GENTOO GLSA-200710-24
MANDRIVA MDKSA-2007:186
REDHAT RHSA-2007:0848
SUNALERT 102994
SUNALERT 200190
SUSE SUSE-SA:2007:052
UBUNTU USN-524-1
BID 25690
OVAL oval:org.mitre.oval:def:9967
VUPEN ADV-2007-3184
VUPEN ADV-2007-3262
SECTRACK 1018702
SECUNIA 26816
SECUNIA 26817
SECUNIA 26839
SECUNIA 26844
SECUNIA 26855
SECUNIA 26861
SECUNIA 26903
SECUNIA 26912
SECUNIA 26891
SECUNIA 27077
SECUNIA 27087
SECUNIA 27370
XF openoffice-tiff-bo(36656)