CVE-2008-2238

Name of the Vulnerable Software and Affected Versions OpenOffice versions 2.x before 2.4.2

Description The issue is related to an integer overflow in the handling of EMF files, specifically with crafted EMR records. This can lead to a heap-based buffer overflow, allowing a remote attacker to execute arbitrary code, access confidential data, compromise data integrity, and cause a denial of service. The exploitation is possible through specially crafted EMR records in an EMF file associated with a document.

Recommendations For OpenOffice versions 2.x before 2.4.2, update to version 2.4.2 or later to resolve the issue. As a temporary workaround, consider restricting the opening of documents from untrusted sources, especially those containing EMF files, to minimize the risk of exploitation. Avoid using the affected software to open specially crafted EMF files until the issue is resolved.