CVE ID:	CVE-2005-0941
Description:	The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
Test IDs:	1.3.6.1.4.1.25623.1.0.54018   1.3.6.1.4.1.25623.1.0.52108   1.3.6.1.4.1.25623.1.0.52138   1.3.6.1.4.1.25623.1.0.52550   1.3.6.1.4.1.25623.1.0.54915   1.3.6.1.4.1.25623.1.0.52616   1.3.6.1.4.1.25623.1.0.53055   1.3.6.1.4.1.25623.1.0.52676   1.3.6.1.4.1.25623.1.0.52693
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0941 Bugtraq: 20050412 OpenOffice DOC document Heap Overflow (Google Search) http://www.securityfocus.com/archive/1/395516 http://www.gentoo.org/security/en/glsa/glsa-200504-13.xml RedHat Security Advisories: RHSA-2005:375 http://www.redhat.com/support/errata/RHSA-2005-375.html SuSE Security Announcement: SUSE-SR:2005:021 (Google Search) http://www.novell.com/linux/security/advisories/2005_21_sr.html BugTraq ID: 13092 http://www.securityfocus.com/bid/13092 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9106 http://secunia.com/advisories/17027

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: