CVE-2006-5870

Severity

93%

Complexity

86%

Confidentiality

165%

Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.

Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Sun StarOffice

First reported 18 years ago

2006-12-31 05:00:00

Last updated 6 years ago

2018-10-17 21:45:00

Affected Software

Sun StarOffice 6.0

6.0

Sun StarOffice 7.0

7.0

Sun StarOffice 8.0

8.0

References

20070101-01-P

20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites

FEDORA-2007-005

SUSE-SA:2007:001

32610

32611

23549

Vendor Advisory

23600

Vendor Advisory

23612

Vendor Advisory

23616

Vendor Advisory

23620

Vendor Advisory

23682

Vendor Advisory

23683

Vendor Advisory

23711

Vendor Advisory

23712

Vendor Advisory

23762

Vendor Advisory

23920

Vendor Advisory

GLSA-200701-07

1017466

102735

DSA-1246

VU#220288

US Government Resource

MDKSA-2007:006

http://www.ngssoftware.com/advisories/high-risk-vulnerabilities-in-the-staroffice-suite/

http://www.openoffice.org/issues/show_bug.cgi?id=70042

Patch

http://www.openoffice.org/nonav/issues/showattachment.cgi/39509/alloc.overflows.wmf.patch

RHSA-2007:0001

Patch, Vendor Advisory

20070104 Correction (High Risk Vulnerability in the OpenOffice and StarOffice Suites)

20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites

20070104 Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites

20070104 High Risk Vulnerability in the OpenOffice and StarOffice Suites

20070108 rPSA-2007-0001-1 openoffice.org

USN-406-1

ADV-2007-0031

Vendor Advisory

ADV-2007-0059

Vendor Advisory

openoffice-wmf-bo(31257)

https://issues.rpath.com/browse/RPL-905

oval:org.mitre.oval:def:8280

oval:org.mitre.oval:def:9145

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.