Package: openoffice.org Version: 1.1.3-8 Severity: grave Justification: user security hole Tags: sarge sid experimental pending
from full-disclosure (http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0218.html): OpenOffice DOC document Heap Overflow [Security Advisory] Advisory:[AD_LAB-05001] OpenOffice DOC document Heap Overflow Class: Design Error DATE:30/3/2005 CVEID:CAN-2005-0941 Vulnerable: <=OpenOffice OpenOffice 1.1.4 -OpenOffice OpenOffice 2.0dev Unvulnerable: Unknow Vendor: www.openoffice.org I.DESCRIPTION: - ------------- OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. The vulnerability is caused due to a error within the .Doc document header processing.This can be exploited to cause a heap-based buffer overflow. [...] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (400, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages openoffice.org depends on: ii dictionaries-common [openoffi 0.25.4 Common utilities for spelling dict ii openoffice.org-bin 1.1.3-8 OpenOffice.org office suite binary ii openoffice.org-debian-files 1.1.3-8+1 Debian specific parts of OpenOffic ii openoffice.org-l10n-de [openo 1.1.3-8 German language package for OpenOf ii openoffice.org-l10n-en [openo 1.1.3-8 English (US) language package for ii ttf-opensymbol 1.1.3-8 The OpenSymbol TrueType font ii xml-core 0.09 XML infrastructure and XML catalog -- no debconf information
signature.asc
Description: Digital signature
