HTTP: OpenOffice TIFF File Parsing Integer Overflow
This signature detects attempts to exploit a known vulnerability in OpenOffice TIFF File Parsing Library. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
OpenOffice is prone to multiple remote integer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Remote attackers may exploit these issues by enticing victims into opening maliciously crafted TIFF files. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.
Affected Products
Debian linux
Short Name
HTTP:STC:DL:OPENOFFICE-TIFF-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-2834 File Integer OpenOffice Overflow Parsing TIFF bid:25690
Release Date
07/21/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Sun
Rpath
Openoffice
Ubuntu
Mandriva
Foresight_linux
Debian
CVSS Score
9.3