CVE-2007-2834

CWE-190Integer Overflow8 documents6 sources
Severity
9.3CRITICAL
EPSS
14.7%
top 5.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apache OpenofficeCanonical Ubuntu LinuxDebian Debian Linux+1 more
Timeline
PublishedSep 18
Latest updateMay 1

Description

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDapache/openoffice< 2.3.0
NVDsun/staroffice6.0, 7.0, 8.0+2

Also affects: Debian Linux 3.1, 4.0, Ubuntu Linux 6.06, 6.10, 7.04

Patches

Patch: www.debian.orgPatch: www.openoffice.orgPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-9vj3-8mhr-2vxc: Integer overflow in the TIFF parser in OpenOffice2022-05-01
CVEList
CVE-2007-2834: Integer overflow in the TIFF parser in OpenOffice2007-09-18

📋Vendor Advisories

2
Ubuntu
OpenOffice.org vulnerability2007-10-04
Red Hat
openoffice.org TIFF parsing heap overflow2007-09-17

💬Community

3
Bugzilla
CVE-2007-2834 openoffice.org TIFF parsing heap overflow [F7]2007-09-17
Bugzilla
CVE-2007-2834 openoffice.org TIFF parsing heap overflow [FC6]2007-09-17
Bugzilla
CVE-2007-2834 openoffice.org TIFF parsing heap overflow2007-08-13
CVE-2007-2834 (CRITICAL CVSS 9.3) | Integer overflow in the TIFF parser | cvebase.io