Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 244995
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Matti Bickel <mabi@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 244995 depends on: 235824 Show dependency tree
Bug 244995 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-10-30 18:55 0000 
From Secunia:

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
OpenOffice.org 2.x
http://secunia.com/advisories/product/6157/

DESCRIPTION:
Some vulnerabilities have been reported in OpenOffice, which
potentially can be exploited by malicious people to compromise a
user's system.

1) An error in the processing of WMF files can be exploited to cause
a heap-based buffer overflow via a specially crafted
StarOffice/StarSuite document.

2) An error in the processing of EMF files can be exploited to cause
a heap-based buffer overflow via a specially crafted
StarOffice/StarSuite document.

Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.

The vulnerabilities are reported in 2.x versions prior to 2.4.2.

SOLUTION:
Update to version 2.4.2.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) an anonymous researcher working with the SureRun Security Team
2) an anonymous researcher working with iDefense

ORIGINAL ADVISORY:
http://www.openoffice.org/security/cves/CVE-2008-2237.html
http://www.openoffice.org/security/cves/CVE-2008-2238.html

------- Comment #1 From Matti Bickel 2008-10-30 18:57:05 0000 ------- 
This bug just adds more urgency to bug #235824

------- Comment #2 From Andreas Proschofsky 2008-10-30 20:09:12 0000 ------- 
(In reply to comment #1)
> This bug just adds more urgency to bug #235824
> 

Totally agree, 3.0 should be the way to go, not 2.4.2.

------- Comment #3 From Robert Buchholz 2008-10-30 22:14:51 0000 ------- 
There's no need to CC arches to two bugs. If this bug gets it stable fix by the
other bug, we can just set dependings and mark it blocked in whiteboard.

------- Comment #4 From Robert Buchholz 2008-10-30 22:34:11 0000 ------- 
CVE-2008-2237 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2237):
  Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2
  allows remote attackers to execute arbitrary code via a crafted WMF
  file associated with a StarOffice/StarSuite document.

CVE-2008-2238 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2238):
  Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2
  allows remote attackers to execute arbitrary code via a crafted EMF
  file associated with a StarOffice/StarSuite document.

------- Comment #5 From Pierre-Yves Rofes 2008-12-12 23:08:24 0000 ------- 
GLSA 200812-13
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug