PT-2009-4592 · Openoffice.Org · Go-Oo
Publicado
2009-09-21
·
Atualizado
2010-05-29
·
CVE-2009-2140
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Go-oo versions 2.x through 3.0.0
Description
The issue is related to multiple heap-based buffer overflows in the emfplus.cxx file, which can be exploited by remote attackers to execute arbitrary code. This can be achieved by sending a crafted EMF+ file. The issue is similar to a previously known problem.
Recommendations
For Go-oo versions 2.x through 3.0.0, update to version 3.0.1 or later to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Go-Oo