Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x prior to 3.3 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache openoffice |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 10.10 |
||
debian debian linux 5.0 |
||
debian debian linux 6.0 |