OpenOffice Rtl_allocateMemory() Remote Code Execution Vulnerability (Lin) Network Vulnerability

Summary

This host has OpenOffice.Org installed, which is prone to remote code execution vulnerability.

Impact

Attackers can cause an out of bounds array access by tricking a user into opening a malicious document, also allow execution of arbitrary code. Impact Level : System

Solution

Upgrade to OpenOffice.org Version 3.2.0 or later, For updates refer to http://download.openoffice.org/index.html

Insight

The issue is due to a numeric truncation error within the rtl_allocateMemory() method in alloc_global.c file.

Affected

OpenOffice.org 2.4.1 and prior on Linux.

References

http://secunia.com/advisories/31640/
http://www.frsirt.com/english/advisories/2008/2449

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3282

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Windows)
Adobe Air Multiple Vulnerabilities - November12 (Windows)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)

OpenOffice rtl_allocateMemory() Remote Code Execution Vulnerability (Lin)

Take action and discover your vulnerabilities