OpenOffice Unspecified Flaws Have Unspecified Impact
|
|
SecurityTracker Alert ID: 1022832
|
|
SecurityTracker URL: http://securitytracker.com/id?1022832
|
|
CVE Reference: CVE-2009-3569
, CVE-2009-3571
(Links to External Site)
|
Updated: Oct 14 2009
|
Original Entry Date: Sep 4 2009
|
Impact: Execution of arbitrary code via network, User access via network
|
Exploit Included: Yes
|
Description: A vulnerability was reported in OpenOffice. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted document that, when loaded by the target user, will trigger a stack overflow and execute
arbitrary code on the target system. The code will run with the privileges of the target user.
An additional vulnerability exists.
The impact was not specified.
This vulnerability was reported in the VulnDisco version 8.8 release [May 11, 2009].
|
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.openoffice.org/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 4 Sep 2009 10:58:50 -0400
Subject: OpenOffice
|
Name: OpenOffice overflow
Status: 0day
Details: Client-side stack overflow exploit.
Listener: WIN32MOSDEF
Platform: Windows
Vulndisco: 8.8
Name: OpenOffice exploit
Status: 0day
Details: Client-side exploit.
Listener: not necessary
Platform: Windows
Vulndisco: 8.8
|
|
