Headline
CVE-2009-3301: 533038 – (CVE-2009-3301) CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
Description Josh Bressers 2009-11-04 19:03:24 UTC
An integer underflow flaw, possibly leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially-crafted Microsoft Word document, which once opened by a local, unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org.
Credit: Nicolas Joly of VUPEN Vulnerability Research Team
Comment 10 Fedora Update System 2010-02-16 13:02:06 UTC
openoffice.org-3.1.1-19.26.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2010-02-16 13:23:54 UTC
openoffice.org-3.1.1-19.12.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.