REDHAT-BUG-527540: Integer Overflow
First published: Tue Oct 06 2009(Updated: )
It was reported that it was possible to trigger an integer overflow that leads to a heap overflow due to the way OpenOffice.org parsed XPM files. This could allow an attacker to execute abitrary code with the permissions of the user running OpenOffice.org, provided they could coerce them to open a malicious document containing a specially crafted XPM file. This is not restricted to XPM files alone, but to embedded XPM files in OpenOffice.org documents. The vulnerability can be found in XPMReader::ReadXPM (source/filter.vcl/ixpm/svt_xpmread.cxx) This vulnerability has been assigned <a href="https://access.redhat.com/security/cve/CVE-2009-2949">CVE-2009-2949</a>.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache OpenOffice |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2009-2949
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=365265&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=365265&action=edit
- https://access.redhat.com/security/cve/CVE-2009-2950
- http://www.openoffice.org/security/bulletin.html
- http://www.openoffice.org/security/cves/CVE-2009-2949.html
- https://rhn.redhat.com/errata/RHSA-2010-0101.html
- http://admin.fedoraproject.org/updates/openoffice.org-3.1.1-19.12.fc11
- http://admin.fedoraproject.org/updates/openoffice.org-3.1.1-19.26.fc12
- https://bugzilla.redhat.com/show_bug.cgi?id=527540
Frequently Asked Questions
What is the severity of REDHAT-BUG-527540?
The severity of REDHAT-BUG-527540 is high due to the potential for remote code execution.
How do I fix REDHAT-BUG-527540?
To fix REDHAT-BUG-527540, ensure that you update Apache OpenOffice to the latest patched version.
What software is affected by REDHAT-BUG-527540?
The affected software for REDHAT-BUG-527540 includes Apache OpenOffice.
Can REDHAT-BUG-527540 lead to unauthorized access?
Yes, REDHAT-BUG-527540 can lead to unauthorized access through arbitrary code execution when XPM files are opened.
Is there a workaround for REDHAT-BUG-527540?
A workaround for REDHAT-BUG-527540 is to avoid opening untrusted XPM files using Apache OpenOffice.
- agent/references
- agent/type
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-2949
- agent/first-publish-date
- agent/source
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/apache
- canonical/apache openoffice