Published: 17/04/2008 Updated: 29/09/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 720

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Integer overflow in OpenOffice.org prior to 2.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openoffice openoffice.org 2.1
openoffice openoffice.org 2.2
openoffice openoffice.org 2.3.1
openoffice openoffice.org 2.0.3
openoffice openoffice.org 2.2.1
openoffice openoffice.org 2.3

It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOfficeorg If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges (CVE-2007-4575) ...

Several security related problems have been discovered in OpenOfficeorg, the free office suite The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOfficeorg parses Quattro Pro files that may lead to a overflow in the heap po ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5746

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect