CVE-2009-0259
Published: 22 January 2009
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
Priority
Status
Package | Release | Status |
---|---|---|
openoffice.org Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(2.0.2-2ubuntu12)
|
gutsy |
Not vulnerable
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
|
|
upstream |
Needs triage
|