CVE-2007-5747

CWE-189CWE-190Integer Overflow6 documents6 sources
Severity
6.8MEDIUM
EPSS
5.8%
top 9.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Openoffice.org
Timeline
PublishedApr 17
Latest updateMay 1

Description

Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDsun/openoffice.org2.3.0+4

Patches

Patch: www.debian.orgPatch: www.openoffice.orgPatch: www.openoffice.org

🔴Vulnerability Details

2
GHSA
GHSA-p9rp-v9p7-xfmx: Integer underflow in OpenOffice2022-05-01
CVEList
CVE-2007-5747: Integer underflow in OpenOffice2008-04-17

📋Vendor Advisories

2
Ubuntu
OpenOffice.org vulnerabilities2008-05-06
Red Hat
openoffice.org: Quattro Pro files parsing integer underflow2008-04-17

💬Community

1
Bugzilla
CVE-2007-5747 openoffice.org: Quattro Pro files parsing integer underflow2008-03-03
CVE-2007-5747 (MEDIUM CVSS 6.8) | Integer underflow in OpenOffice.org | cvebase.io