HTTP: OpenOffice RTF File Parsing Heap Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in the OpenOffice RTF File. An attack targeting this can result in the injection and execution of code. If code execution is successful, the behavior of the target depends on the intention of the attacker. Any injected code is executed within the security context of the currently logged in user. In an unsuccessful attack, the affected product terminates resulting in the loss of any unsaved data from the current session.
Extended Description
OpenOffice is prone to a remote heap-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Remote attackers may exploit this issue by enticing victims into opening maliciously crafted RTF files. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
Affected Products
Mandriva corporate_server
Short Name
HTTP:STC:DL:OO-RTF-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2007-0245 File Heap OpenOffice Overflow Parsing RTF bid:24450
Release Date
10/12/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Sun
Rpath
Avaya
Sgi
Novell
Openoffice
Ubuntu
Mandriva
Debian
CVSS Score
9.3