HTTP: OpenOffice Word Document Table Parsing Integer Underflow
This signature detects attempts to exploit a known vulnerability in the OpenOffice Word document parsing routine. A successful attack can lead to an integer underflow and arbitrary remote code execution within the context of the client.
Extended Description
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service. The issues affect OpenOffice 3.1. NOTE: These issues may be related to the issues described in BID 36186 (OpenOffice Prior to 3.1.1 Multiple Unspecified Security Vulnerabilities). We will update this BID when more information becomes available.
Affected Products
Debian linux
Short Name
HTTP:STC:DL:OO-WORD-TABLE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2009-0200 CVE-2009-0201 Document Integer OpenOffice Parsing Table Underflow Word bid:36200
Release Date
09/30/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3731
False Positive
Unknown
Vendors
Red_hat
Suse
Sun
Avaya
Openoffice
Ubuntu
Mandriva
Debian
CVSS Score
9.3