Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:OO-WORD-TABLE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
OpenOffice Word Document Table Parsing Integer Underflow |
Release Date |
2010/09/30 |
Update Number |
1783 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: OpenOffice Word Document Table Parsing Integer Underflow
This signature detects attempts to exploit a known vulnerability in the OpenOffice Word document parsing routine. A successful attack can lead to an integer underflow and arbitrary remote code execution within the context of the client.
Extended Description
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service. The issues affect OpenOffice 3.1. NOTE: These issues may be related to the issues described in BID 36186 (OpenOffice Prior to 3.1.1 Multiple Unspecified Security Vulnerabilities). We will update this BID when more information becomes available.
Affected Products
- Avaya interactive_response 3.0
- Avaya interactive_response 4.0
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Armel
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Mandriva enterprise_server 5
- Mandriva enterprise_server 5 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Mandriva linux_mandrake 2009.1
- Mandriva linux_mandrake 2009.1 X86 64
- Openoffice openoffice 3.1.0
- Red_hat desktop 3.0.0
- Red_hat enterprise_linux Desktop Version 4
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_optional_productivity_application 5 Server
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 10
- Sun staroffice 7.0.0
- Sun staroffice 8.0
- Sun staroffice 9.0
- Sun starsuite 7
- Sun starsuite 8
- Sun starsuite 9
- Suse novell_linux_desktop 9.0.0
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse suse_linux_enterprise 10
- Suse suse_linux_enterprise 11
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc
- Ubuntu ubuntu_linux 8.10 Amd64
- Ubuntu ubuntu_linux 8.10 I386
- Ubuntu ubuntu_linux 8.10 Lpia
- Ubuntu ubuntu_linux 8.10 Powerpc
- Ubuntu ubuntu_linux 8.10 Sparc
- Ubuntu ubuntu_linux 9.04 Amd64
- Ubuntu ubuntu_linux 9.04 I386
- Ubuntu ubuntu_linux 9.04 Lpia
- Ubuntu ubuntu_linux 9.04 Powerpc
- Ubuntu ubuntu_linux 9.04 Sparc
References
- BugTraq: 36200
- CVE: CVE-2009-0200
- CVE: CVE-2009-0201