LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openoffice.org: arbitrary code execution via TIFF images

Package(s):openoffice.org CVE #(s):CVE-2007-2834
Created:September 17, 2007 Updated:June 12, 2008
Description: A heap overflow vulnerability has been discovered in the TIFF parsing code of the OpenOffice.org suite. The parser uses untrusted values from the TIFF file to calculate the number of bytes of memory to allocate. A specially crafted TIFF image could trigger an integer overflow and subsequently a buffer overflow that could cause the execution of arbitrary code.
Alerts:
Fedora FEDORA-2008-5239 2008-06-11
Fedora FEDORA-2008-4104 2008-05-17
Gentoo 200710-24 2007-10-23
Ubuntu USN-524-1 2007-10-04
Fedora FEDORA-2007-2372 2007-10-03
SuSE SUSE-SA:2007:052 2007-09-21
Mandriva MDKSA-2007:186 2007-09-17
rPath rPSA-2007-0189-1 2007-09-18
Foresight FLEA-2007-0056-1 2007-09-18
Fedora FEDORA-2007-700 2007-09-18
Red Hat RHSA-2007:0848-01 2007-09-18
Debian DSA-1375-1 2007-09-17
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds