| Description: |
From the Red Hat advisory:
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way OpenOffice.org parsed XPM files. An attacker could create
a specially-crafted document, which once opened by a local, unsuspecting
user, could lead to arbitrary code execution with the permissions of the
user running OpenOffice.org. Note: This flaw affects embedded XPM files in
OpenOffice.org documents as well as stand-alone XPM files. (CVE-2009-2949)
An integer underflow flaw and a boundary error flaw, both possibly leading
to a heap-based buffer overflow, were found in the way OpenOffice.org
parsed certain records in Microsoft Word documents. An attacker could
create a specially-crafted Microsoft Word document, which once opened by a
local, unsuspecting user, could cause OpenOffice.org to crash or,
potentially, execute arbitrary code with the permissions of the user
running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302)
A heap-based buffer overflow flaw, leading to memory corruption, was found
in the way OpenOffice.org parsed GIF files. An attacker could create a
specially-crafted document, which once opened by a local, unsuspecting
user, could cause OpenOffice.org to crash. Note: This flaw affects embedded
GIF files in OpenOffice.org documents as well as stand-alone GIF files.
(CVE-2009-2950)
|
