‫ OpenOffice.org PLCF and XML Data Parsing Vulnerabilities

IRCAD2013072814
ID:IRCAD2013072814
Release Date: 2013-07-26
Criticality level: Highly critical
Software:
OpenOffice.org 3.x
 
Description:
Two vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to potentially compromise a user's system.
1)    An unspecified error when handling PLCF (Plex of Character Positions in File) data within DOC files can be exploited to cause memory corruption.
2)    An unspecified error when parsing XML elements within OOXML document files (DOCM) can be exploited to cause memory corruption.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in versions 3.4.0 and 3.4.1. Prior versions may also be affected.
 
Solution:
Upgrade to version 4.0
 
References:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 9 مرداد 1392

امتیاز

امتیاز شما
تعداد امتیازها:0