LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

An odd vulnerability report for LibreOffice

An odd vulnerability report for LibreOffice

Posted Oct 6, 2011 9:06 UTC (Thu) by mjw (subscriber, #16740)
In reply to: An odd vulnerability report for LibreOffice by jake
Parent article: An odd vulnerability report for LibreOffice

There is now also a new comment explaining why it was first thought to be a security issue and then not. Also included is a timeline that clearly mentions openoffice.org being notified weeks ago. Why the apache people weren't aware still is a bit of a mystery though (Assuming they are in control of openoffice.org now, maybe Oracle still haven't handed it all over? Or maybe the apache office project just don't have enough hackers to take care of security issues anymore?).

RHBZ725668#c14:

It initially appeared that this flaw may be exploitable similar to CVE-2010-3452, where an OOB Read caused Arbitrary Code Execution. However in the case of this particular flaw, the junk data read is just parsed into an internal representation of properties and the maximum harm this should cause in application crash (Denial Of Service).

Timeline:

  • Reported to securityteam@openoffice.org on 25-July-2011
  • Recieved a reply (with tdf-security@lists.documentfoundation.org copied) on the same date
  • Release date changed with a few delays in between
  • Release on 5-Oct-2011

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds