Die siberas GmbH ein auf Sicherheitsanalysen und Penetrationstests spezialisiertes Beratungsunternehmen, welches Sie herstellerunabhängig und kompetent im Bereich IT-Sicherheit berät.
OpenOffice <3.2 GIF file parsing Heap Overflow
Reference ID: SSA-1001A Heap Overflow has been discovered in OpenOffice (versions <3.2) which can be triggered with a maliciously crafted GIF file. The severity was rated as “medium” because we can only write a limited number of rather uncontrolled bytes beyond the buffer boundaries. This makes it very unlikely that the vulnerability will be exploited in real-world scenarios.
References:
CVE-2009-2950
OpenOffice Security Advisory