OpenOffice RTF File Parsing Buffer Overflow Vulnerability Date: Wednesday, June 13, 2007 @ 18:39:54 CDT Topic: Security SECUNIA ADVISORY ID: SA25648 VERIFY ADVISORY: http://secunia.com/advisories/25648/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: OpenOffice 1.1.x - http://secunia.com/product/302/ OpenOffice.org 2.x - http://secunia.com/product/6157/ OpenOffice 1.0.x - http://secunia.com/product/303/ DESCRIPTION: A vulnerability has been reported in OpenOffice, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the parsing of RTF files and can be exploited to cause a heap based buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. SOLUTION: Do not open untrusted RTF files. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian advisory crediting John Heasman. ORIGINAL ADVISORY: http://www.us.debian.org/security/2007/dsa-1307 This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2957