CVE-2007-2834

OpenOffice.org < 2.3 - Remote Code Execution via TIFF Parser Integer Overflow

Title source: llm

Description

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

References (33)

Core 33

Core References

Broken Link, Third Party Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1

Issue Tracking, Third Party Advisory x_refsource_confirm

http://bugs.gentoo.org/show_bug.cgi?id=192818

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26816

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26839

Broken Link, Third Party Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/usn-524-1

Broken Link, Issue Tracking, Third Party Advisory x_refsource_confirm

https://issues.rpath.com/browse/RPL-1740

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26855

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1018702

Broken Link, Third Party Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26903

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200710-24.xml

Broken Link, Third Party Advisory third-party-advisory x_refsource_idefense

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27370

Third Party Advisory, URL Repurposed vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2007:186

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/3262

Patch, Vendor Advisory x_refsource_confirm

http://www.openoffice.org/security/cves/CVE-2007-2834.html

Broken Link, Third Party Advisory vendor-advisory x_refsource_fedora

http://fedoranews.org/updates/FEDORA-2007-700.shtml

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2007-0848.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26844

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26891

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/479965/100/0/threaded

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27087

Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/25690

Third Party Advisory vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/3184

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26861

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26817

Patch, Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2007/dsa-1375

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/36656

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26912

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/27077

Broken Link, Third Party Advisory vendor-advisory x_refsource_fedora

http://fedoranews.org/updates/FEDORA-2007-237.shtml

Scores

EPSS 0.1520

EPSS Percentile 94.7%

Details

CWE

CWE-190

Status published

Products (10)

apache/openoffice < 2.3.0

canonical/ubuntu_linux 6.06

canonical/ubuntu_linux 6.10

canonical/ubuntu_linux 7.04

debian/debian_linux 3.1

debian/debian_linux 4.0

sun/staroffice 6.0

sun/staroffice 7.0

sun/staroffice 8.0

sun/starsuite

Published Sep 18, 2007

Tracked Since Feb 18, 2026