Solution
Please Install the Updated Packages.
Insight
OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.
Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-5745, CVE-2007-5747)
A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a victim. (CVE-2007-5746)
A heap overflow flaw was found in the OLE Structured Storage file parser.
(OLE Structured Storage is a format used by Microsoft Office documents.) An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2008-0320)
All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes to correct these issues.
Affected
openoffice.org2-base on CentOS 4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities