Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:DL:OO-XPMREAD-OF

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 OpenOffice.org XPM File Processing Integer Overflow

Release Date

 2010/10/25

Update Number

 1798

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: OpenOffice.org XPM File Processing Integer Overflow


This signature detects attempts to exploit a known integer overflow vulnerability has in OpenOffice. It is due to a boundary error when the XPMReader::ReadXPM function in xpmread.cxx in OpenOffice.org processes XPM files. A remote unauthenticated attacker can leverage this by enticing a target user to open a malicious XPM file with a vulnerable application. In a successful attack, it can result in a heap overflow leading to the possibility of code execution within the security context of the currently logged on user. In an unsuccessful attack, the target application can terminate abnormally.

Extended Description

OpenOffice is prone to multiple remote code-execution vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service. Versions prior to OpenOffice 3.2 are vulnerable.

Affected Products

  • Debian linux 4.0
  • Debian linux 4.0 Alpha
  • Debian linux 4.0 Amd64
  • Debian linux 4.0 Arm
  • Debian linux 4.0 Armel
  • Debian linux 4.0 Hppa
  • Debian linux 4.0 Ia-32
  • Debian linux 4.0 Ia-64
  • Debian linux 4.0 M68k
  • Debian linux 4.0 Mips
  • Debian linux 4.0 Mipsel
  • Debian linux 4.0 Powerpc
  • Debian linux 4.0 S/390
  • Debian linux 4.0 Sparc
  • Debian linux 5.0
  • Debian linux 5.0 Alpha
  • Debian linux 5.0 Amd64
  • Debian linux 5.0 Arm
  • Debian linux 5.0 Armel
  • Debian linux 5.0 Hppa
  • Debian linux 5.0 Ia-32
  • Debian linux 5.0 Ia-64
  • Debian linux 5.0 M68k
  • Debian linux 5.0 Mips
  • Debian linux 5.0 Mipsel
  • Debian linux 5.0 Powerpc
  • Debian linux 5.0 S/390
  • Debian linux 5.0 Sparc
  • Mandriva enterprise_server 5
  • Mandriva enterprise_server 5 X86 64
  • Mandriva linux_mandrake 2009.0
  • Mandriva linux_mandrake 2009.0 X86 64
  • Mandriva linux_mandrake 2010.0
  • Mandriva linux_mandrake 2010.0 X86 64
  • Mandriva linux_mandrake 2010.1
  • Mandriva linux_mandrake 2010.1 X86 64
  • Openoffice openoffice 2.0.0 Beta
  • Openoffice openoffice 2.0.1
  • Openoffice openoffice 2.0.2
  • Openoffice openoffice 2.0.3
  • Openoffice openoffice 2.0.3-1
  • Openoffice openoffice 2.0.4
  • Openoffice openoffice 2.1
  • Openoffice openoffice 2.2
  • Openoffice openoffice 2.2.0
  • Openoffice openoffice 2.2.1
  • Openoffice openoffice 2.3.0
  • Openoffice openoffice 2.3.1
  • Openoffice openoffice 2.4
  • Openoffice openoffice 2.4.1
  • Openoffice openoffice 2.4.2
  • Openoffice openoffice 2.4.3
  • Openoffice openoffice 3.1.0
  • Openoffice openoffice 3.1.1
  • Pardus linux_2009
  • Red_hat desktop 3.0.0
  • Red_hat enterprise_linux Desktop Version 4
  • Red_hat enterprise_linux_as 3
  • Red_hat enterprise_linux_as 4
  • Red_hat enterprise_linux_desktop 5 Client
  • Red_hat enterprise_linux_desktop_workstation 5 Client
  • Red_hat enterprise_linux_es 3
  • Red_hat enterprise_linux_es 4
  • Red_hat enterprise_linux_optional_productivity_application 5 Server
  • Red_hat enterprise_linux_ws 3
  • Red_hat enterprise_linux_ws 4
  • Red_hat fedora 11
  • Red_hat fedora 12
  • Sun staroffice 7.0.0
  • Sun staroffice 8.0
  • Sun staroffice 9.0
  • Sun starsuite 7
  • Sun starsuite 8
  • Sun starsuite 9
  • Suse novell_linux_desktop 9.0.0
  • Suse openoffice_for_windows
  • Suse opensuse 11.0
  • Suse opensuse 11.1
  • Suse opensuse 11.2
  • Suse suse_linux_enterprise 11
  • Suse suse_linux_enterprise_desktop 10 SP2
  • Suse suse_linux_enterprise_desktop 10 SP3
  • Suse suse_linux_enterprise_desktop 11
  • Suse suse_linux_enterprise_sdk 10 SP2
  • Suse suse_linux_enterprise_sdk 10 SP3
  • Ubuntu ubuntu_linux 8.04 LTS Amd64
  • Ubuntu ubuntu_linux 8.04 LTS I386
  • Ubuntu ubuntu_linux 8.04 LTS Lpia
  • Ubuntu ubuntu_linux 8.04 LTS Powerpc
  • Ubuntu ubuntu_linux 8.04 LTS Sparc
  • Ubuntu ubuntu_linux 8.10 Amd64
  • Ubuntu ubuntu_linux 8.10 I386
  • Ubuntu ubuntu_linux 8.10 Lpia
  • Ubuntu ubuntu_linux 8.10 Powerpc
  • Ubuntu ubuntu_linux 8.10 Sparc
  • Ubuntu ubuntu_linux 9.04 Amd64
  • Ubuntu ubuntu_linux 9.04 I386
  • Ubuntu ubuntu_linux 9.04 Lpia
  • Ubuntu ubuntu_linux 9.04 Powerpc
  • Ubuntu ubuntu_linux 9.04 Sparc
  • Ubuntu ubuntu_linux 9.10 Amd64
  • Ubuntu ubuntu_linux 9.10 I386
  • Ubuntu ubuntu_linux 9.10 Lpia
  • Ubuntu ubuntu_linux 9.10 Powerpc
  • Ubuntu ubuntu_linux 9.10 Sparc

References

  • BugTraq: 38218
  • CVE: CVE-2009-2949

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out