Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Scientific Linux 3.x: 2009-2949 Important OpenOffice.org Buffer Overflow

Calendar Feb 16, 2010 User Avatar LinuxSecurity Advisories
2 - 3 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory buffer overflow memory corruption integer overflow openoffice.org scientific linux
Important: openoffice.org security update 
Date: Tue, 16 Feb 2010 15:24:46 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Important: openoffice.org on SL3.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Important: openoffice.org security update
Issue date:	2010-02-12
CVE Names:	CVE-2009-2949 CVE-2009-2950 CVE-2009-3301
 CVE-2009-3302

CVE-2009-2950 openoffice.org: GIF file parsing heap overflow
CVE-2009-2949 openoffice.org: integer overflow in XPM processing
CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption
CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way OpenOffice.org parsed XPM files. An attacker could
create a specially-crafted document, which once opened by a local,
unsuspecting user, could lead to arbitrary code execution with the
permissions of the user running OpenOffice.org. Note: This flaw affects
embedded XPM files in OpenOffice.org documents as well as stand-alone
XPM files. (CVE-2009-2949)

An integer underflow flaw and a boundary error flaw, both possibly
leading to a heap-based buffer overflow, were found in the way
OpenOffice.org parsed certain records in Microsoft Word documents. An
attacker could create a specially-crafted Microsoft Word document, which
once opened by a local, unsuspecting user, could cause OpenOffice.org to
crash or, potentially, execute arbitrary code with the permissions of
the user running OpenOffice.org. (CVE-2009-3301, CVE-2009-3302)

A heap-based buffer overflow flaw, leading to memory corruption, was
found in the way OpenOffice.org parsed GIF files. An attacker could
create a specially-crafted document, which once opened by a local,
unsuspecting user, could cause OpenOffice.org to crash. Note: This flaw
affects embedded GIF files in OpenOffice.org documents as well as
stand-alone GIF files. (CVE-2009-2950)

All running instances of OpenOffice.org applications must be restarted
for this update to take effect.

SL 3.0.x

 SRPMS:
openoffice.org-1.1.2-46.2.0.EL3.src.rpm
 i386:
openoffice.org-1.1.2-46.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm
 x86_64:
openoffice.org-1.1.2-46.2.0.EL3.i386.rpm
openoffice.org-i18n-1.1.2-46.2.0.EL3.i386.rpm
openoffice.org-libs-1.1.2-46.2.0.EL3.i386.rpm

-Connie Sieh
-Troy Dawson
Your message here