CVE-2009-2949 — Integer Overflow or Wraparound in Apache Openoffice

CWE-190 — Integer Overflow or Wraparound6 documents6 sources

Severity

9.3CRITICALNVD

EPSS

57.9%

top 1.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Openoffice Canonical Ubuntu Linux Debian Linux

Timeline

PublishedFeb 16

Latest updateMay 2

Description

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDapache/openoffice< 3.2.0

Also affects: Debian Linux 4.0, 5.0, Ubuntu Linux 8.04, 8.10, 9.04, 9.10

Patches

Patch: www.vupen.com ↗Patch: www.vupen.com ↗

🔴Vulnerability Details

GHSA

GHSA-w328-4vjc-f7p4: Integer overflow in the XPMReader::ReadXPM function in filter↗2022-05-02

▶

CVEList

CVE-2009-2949: Integer overflow in the XPMReader::ReadXPM function in filter↗2010-02-16

▶

📋Vendor Advisories

Ubuntu

OpenOffice.org vulnerabilities↗2010-02-24

▶

Red Hat

openoffice.org: integer overflow in XPM processing↗2010-02-12

▶

💬Community

Bugzilla

CVE-2009-2949 openoffice.org: integer overflow in XPM processing↗2009-10-06

▶