CVE-2007-5746

Published: 17 April 2008

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

Priority

Status

Package	Release	Status
hsqldb Launchpad, Ubuntu, Debian	dapper	Not vulnerable
	feisty	Not vulnerable
	gutsy	Not vulnerable
	hardy	Not vulnerable
	upstream	Not vulnerable
openoffice.org Launchpad, Ubuntu, Debian	dapper	Released (2.0.2-2ubuntu12.6)
	feisty	Released (2.2.0-1ubuntu6)
	gutsy	Released (1:2.3.0-1ubuntu5.4)
	hardy	Not vulnerable (1:2.4.0-3ubuntu6)
	upstream	Released (2.4)
openoffice.org-amd64 Launchpad, Ubuntu, Debian	dapper	Released (2.0.2-2ubuntu12.6-1)
openoffice.org-amd64 Launchpad, Ubuntu, Debian	upstream	Needs triage

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE-2007-5746

Priority

Status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading