CVE-2007-5747

Published: 17/04/2008 Updated: 29/09/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 720
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer underflow in OpenOffice.org prior to 2.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.

Vulnerable Product

sun openoffice.org 2.1.0

sun openoffice.org 2.2.0

sun openoffice.org

sun openoffice.org 1.1.0

sun openoffice.org 2.0.0

Vendor Advisories

It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges (CVE-2007-4575) ...

Several security related problems have been discovered in OpenOffice.org, the free office suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5745, CVE-2007-5747: Several bugs have been discovered in the way OpenOffice.org parses Quattro Pro files that may lead to an overflow in the heap po ...