Buffer overflow : OpenOffice.org < 2.4.1 rtl_allocateMemory Heap Based BOF Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800010

Categoría: Buffer overflow

Título: OpenOffice.org < 2.4.1 rtl_allocateMemory Heap Based BOF Vulnerability - Linux

Resumen: OpenOffice.org is prone to a heap based buffer overflow; vulnerability.

Descripción: Summary:
OpenOffice.org is prone to a heap based buffer overflow
vulnerability.

Vulnerability Insight:
The flaw is in alloc_global.c file in which rtl_allocateMemory
function rounding up allocation requests to be aligned on a 8 byte boundary without checking the
rounding results in an integer overflow condition.

Vulnerability Impact:
Exploitation will result in buffer overflows via a specially
crafted document and allow remote unprivileged user who provides a OpenOffice.org document that
is opened by a local user to execute arbitrary commands on the system with the privileges of the
user running OpenOffice.org.

Affected Software/OS:
OpenOffice.org 2.x and prior.

Solution:
Update to version 2.4.1 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2152
BugTraq ID: 29622
http://www.securityfocus.com/bid/29622
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html
http://security.gentoo.org/glsa/glsa-200807-05.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714
http://www.mandriva.com/security/advisories?name=MDVSA-2008:137
http://www.mandriva.com/security/advisories?name=MDVSA-2008:138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787
http://www.redhat.com/support/errata/RHSA-2008-0537.html
http://www.redhat.com/support/errata/RHSA-2008-0538.html
http://www.securitytracker.com/id?1020219
http://secunia.com/advisories/30599
http://secunia.com/advisories/30633
http://secunia.com/advisories/30634
http://secunia.com/advisories/30635
http://secunia.com/advisories/31029
http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1
http://www.vupen.com/english/advisories/2008/1773
http://www.vupen.com/english/advisories/2008/1804/references
XForce ISS Database: openoffice-rtlallocatememory-bo(42957)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42957

Copyright Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800010
Categoría:	Buffer overflow
Título:	OpenOffice.org < 2.4.1 rtl_allocateMemory Heap Based BOF Vulnerability - Linux
Resumen:	OpenOffice.org is prone to a heap based buffer overflow; vulnerability.
Descripción:	Summary: OpenOffice.org is prone to a heap based buffer overflow vulnerability. Vulnerability Insight: The flaw is in alloc_global.c file in which rtl_allocateMemory function rounding up allocation requests to be aligned on a 8 byte boundary without checking the rounding results in an integer overflow condition. Vulnerability Impact: Exploitation will result in buffer overflows via a specially crafted document and allow remote unprivileged user who provides a OpenOffice.org document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running OpenOffice.org. Affected Software/OS: OpenOffice.org 2.x and prior. Solution: Update to version 2.4.1 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2152 BugTraq ID: 29622 http://www.securityfocus.com/bid/29622 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00385.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00473.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00499.html http://security.gentoo.org/glsa/glsa-200807-05.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714 http://www.mandriva.com/security/advisories?name=MDVSA-2008:137 http://www.mandriva.com/security/advisories?name=MDVSA-2008:138 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9787 http://www.redhat.com/support/errata/RHSA-2008-0537.html http://www.redhat.com/support/errata/RHSA-2008-0538.html http://www.securitytracker.com/id?1020219 http://secunia.com/advisories/30599 http://secunia.com/advisories/30633 http://secunia.com/advisories/30634 http://secunia.com/advisories/30635 http://secunia.com/advisories/31029 http://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1 http://www.vupen.com/english/advisories/2008/1773 http://www.vupen.com/english/advisories/2008/1804/references XForce ISS Database: openoffice-rtlallocatememory-bo(42957) https://exchange.xforce.ibmcloud.com/vulnerabilities/42957
Copyright	Copyright (C) 2008 Greenbone AG