Kestutis Gudinavicius

**Name of the Vulnerable Software and Affected Versions** libwpd version 0.8.8 OpenOffice.org (OOo) versions prior to 3.4 **Description** The issue allows remote attackers to execute arbitrary code via a crafted Wordperfect .WPD document that causes a negative array index to be used in the WPXContentListener:: closeTableRow function. Some sources report this issue as an integer overflow. **Recommendations** For libwpd version 0.8.8, consider updating to a version that fixes the issue in the WPXContentListener:: closeTableRow function. For OpenOffice.org (OOo) versions prior to 3.4, update to version 3.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted Wordperfect .WPD documents until a patch is available.