Published: 02/09/2009 Updated: 11/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Integer underflow in OpenOffice.org (OOo) prior to 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote malicious users to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openoffice openoffice.org 2.0.2
openoffice openoffice.org 2.0.3
openoffice openoffice.org 2.0.4
openoffice openoffice.org 2.4
openoffice openoffice.org 2.4.1
openoffice openoffice.org 2.0.1
openoffice openoffice.org 1.9.93
openoffice openoffice.org 1.9.91
openoffice openoffice.org 1.1.3
openoffice openoffice.org 1.1.4
openoffice openoffice.org 2.2.1
openoffice openoffice.org 2.3
openoffice openoffice.org 2.1.152
openoffice openoffice.org 1.9.156
openoffice openoffice.org 1.9.118
openoffice openoffice.org 1.1.5
openoffice openoffice.org 2.0
openoffice openoffice.org 2.3.1
openoffice openoffice.org 1.9.130
openoffice openoffice.org 1.9.122
openoffice openoffice.org 1.9.104
openoffice openoffice.org 1.9.100
openoffice openoffice.org 1.9.95
openoffice openoffice.org 1.1
openoffice openoffice.org 641d
openoffice openoffice.org 641b
openoffice openoffice.org 605b
openoffice openoffice.org 1.0.1
openoffice openoffice.org 638c
openoffice openoffice.org 638
openoffice openoffice.org 1.0-ru
openoffice openoffice.org 1.0.0
openoffice openoffice.org 1.9.113
openoffice openoffice.org 1.9.680
openoffice openoffice.org 1.1.1
openoffice openoffice.org 1.0.2
openoffice openoffice.org 643
openoffice openoffice.org 619
openoffice openoffice.org 614
openoffice openoffice.org 609
openoffice openoffice.org 1.1.2
openoffice openoffice.org 2.1
openoffice openoffice.org 2.2
openoffice openoffice.org 3.01
openoffice openoffice.org 2.1.154
openoffice openoffice.org 1.9.87
openoffice openoffice.org 1.9.84
openoffice openoffice.org 1.0.3.1
openoffice openoffice.org 633
openoffice openoffice.org 627
openoffice openoffice.org

Dyon Balding discovered flaws in the way OpenOfficeorg handled tables If a user were tricked into opening a specially crafted Word document, a remote attacker might be able to execute arbitrary code with user privileges (CVE-2009-0200, CVE-2009-0201) ...

Several vulnerabilities have been discovered in the OpenOfficeorg office suite The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0200 Dyon Balding of Secunia Research has discovered a vulnerability, which can be exploited by opening a specially crafted Microsoft Word document When readi ...

CWE-189 http://www.securityfocus.com/bid/36200 http://development.openoffice.org/releases/3.1.1.html http://www.vupen.com/english/advisories/2009/2490 http://secunia.com/secunia_research/2009-26/http://secunia.com/advisories/35036 http://www.debian.org/security/2009/dsa-1880 http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://secunia.com/advisories/36750 http://sunsolve.sun.com/search/document.do?assetkey=1-26-263508-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:035 http://www.mandriva.com/security/advisories?name=MDVSA-2010:091 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020715.1-1 http://www.mandriva.com/security/advisories?name=MDVSA-2010:105 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml http://www.openoffice.org/security/cves/CVE-2009-0200-0201.html http://secunia.com/advisories/60799 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10881 http://www.securityfocus.com/archive/1/506194/100/0/threaded https://usn.ubuntu.com/840-1/https://nvd.nist.gov

CVE-2009-0200

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect