CVE-2006-5870

CWE-189 | 7 documents | 6 sources
Severity: 9.3 CRITICAL
EPSS: 18.5% (top 4.75%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 31 | Latest update May 3

Description

Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (2 packages)

NVD: sun/staroffice 6.0, 7.0, 8.0 (+2)

Patches

🔴 Vulnerability Details (2)

GHSA: GHSA-564p-qwx9-wr9r: Multiple integer overflows in OpenOffice (2022-05-03)
CVEList: CVE-2006-5870: Multiple integer overflows in OpenOffice (2007-01-04)

📋 Vendor Advisories (2)

Ubuntu: OpenOffice.org vulnerability (2007-01-12)
Red Hat: security flaw (2007-01-03)

💬 Community (2)

Bugzilla: CVE-2006-5870 security flaw (2018-08-16)
Bugzilla: CVE-2006-5870 WMF heap overflow (2006-11-27)
CVE-2006-5870 (CRITICAL CVSS 9.3) | Multiple integer overflows in OpenO | cvebase.io