PT-2008-3663 · Apache+1 · Openoffice.Org+1
Sean Larsson
·
Published
2008-06-10
·
Updated
2025-01-17
·
CVE-2008-2152
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OpenOffice.org versions 2.0 through 2.4
Description
The issue is related to an integer overflow in the
rtl allocateMemory function, which can lead to a heap-based buffer overflow. This can be triggered by a crafted file, potentially allowing remote attackers to execute arbitrary code.Recommendations
For OpenOffice.org versions 2.0 through 2.4, update to a version that contains a fix for this issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openoffice.Org
Red Hat