Short Name |
HTTP:STC:DL:EMF-EMR-INT |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
OpenOffice EMF File EMR Record Parsing Integer Overflow |
Release Date |
2010/10/18 |
Update Number |
1794 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the OpenOffice EMF File EMR Record. A successful attack can lead to arbitrary code execution.
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted EMF or WMF files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service. The issues affect OpenOffice 2 prior to 2.4.2.