CVE-2008-2152

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.

🔗 References (44)

• cve@mitrehttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=714
• cve@mitrehttp://secunia.com/advisories/30599
• cve@mitrehttp://secunia.com/advisories/30633
• cve@mitrehttp://secunia.com/advisories/30634
• cve@mitrehttp://secunia.com/advisories/30635
• cve@mitrehttp://secunia.com/advisories/31029
• cve@mitrehttp://security.gentoo.org/glsa/glsa-200807-05.xml
• cve@mitrehttp://sunsolve.sun.com/search/document.do?assetkey=1-26-237944-1
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2008:137
• cve@mitrehttp://www.mandriva.com/security/advisories?name=MDVSA-2008:138
• cve@mitrehttp://www.openoffice.org/security/cves/CVE-2008-2152.html
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2008-0537.html
• cve@mitrehttp://www.redhat.com/support/errata/RHSA-2008-0538.html
• cve@mitrehttp://www.securityfocus.com/bid/29622
• cve@mitrehttp://www.securitytracker.com/id?1020219