CVE-2007-2834

Related Files

Gentoo Linux Security Advisory 200710-24

Posted Oct 23, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-24 - iDefense Labs reported that the TIFF parsing code uses untrusted values to calculate buffer sizes, which can lead to an integer overflow resulting in heap-based buffer overflow. Versions less than 2.3.0 are affected.

tags | advisory, overflow

systems | linux, gentoo

advisories | CVE-2007-2834

SHA-256 | 7b27a63ec705a743f8dea1f85957f1c1d82334922e89302a8a24c3c92681bb31

Download | Favorite | View

Ubuntu Security Notice 524-1

Posted Oct 5, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 524-1 - An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, overflow, arbitrary

systems | linux, ubuntu

advisories | CVE-2007-2834

SHA-256 | d679c6e0a877e8dbdd863c4cf4253bbec18d9365f65b6eecc313749f6295aa68

Download | Favorite | View

Mandriva Linux Security Advisory 2007.186

Posted Sep 21, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow.

tags | advisory, remote, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2007-2834

SHA-256 | 873fe58eb3cdeaf930f82bc8bc62da634d2e3943e43cfb9ded37034dec99c419

Download | Favorite | View

iDEFENSE Security Advisory 2007-09-17.1

Posted Sep 18, 2007

Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.17.07 - Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities in OpenOffice version 2.0.4. All versions prior to version 2.3 are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, vulnerability

advisories | CVE-2007-2834

SHA-256 | 80f35f17608e9804ce33065672ea577a22c9aa27649c9cffcf54c480734c87a7

Download | Favorite | View

Debian Linux Security Advisory 1375-1

Posted Sep 18, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1375-1 - A heap overflow vulnerability has been discovered in the TIFF parsing code of the OpenOffice.org suite. The parser uses untrusted values from the TIFF file to calculate the number of bytes of memory to allocate. A specially crafted TIFF image could trigger an integer overflow and subsequently a buffer overflow that could cause the execution of arbitrary code.

tags | advisory, overflow, arbitrary

systems | linux, debian

advisories | CVE-2007-2834

SHA-256 | d13e279ca1736063ab47b11e49cdd5989ea0d7a84f8198812e7218116705a0fd

Download | Favorite | View