HTTP: OpenOffice EMF File EMR_BITBLT Record Integer Overflow
This signature detects attempts to exploit a known vulnerability in OpenOffice. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the user.
Extended Description
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service. The issues affect OpenOffice 2 prior to 2.4. The OLE and EMF file issues also affect OpenOffice 1.1.
Affected Products
Openoffice openoffice
Short Name
HTTP:STC:DL:OO-EMF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-5746 EMF EMR_BITBLT File Integer OpenOffice Overflow Record bid:28819
Release Date
10/04/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Sun
Avaya
Openoffice
Ubuntu
Mandriva
Debian
CVSS Score
6.8