CVE-2009-2950Out-of-bounds Write in Apache Openoffice

CWE-787Out-of-bounds Write7 documents6 sources
Severity
9.3CRITICALNVD
EPSS
24.6%
top 3.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apache OpenofficeCanonical Ubuntu LinuxDebian Linux
Timeline
PublishedFeb 16
Latest updateMay 2

Description

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDapache/openoffice< 3.2.0

Also affects: Debian Linux 4.0, 5.0, Ubuntu Linux 8.04, 8.10, 9.04, 9.10

Patches

Patch: www.openoffice.orgPatch: www.openoffice.orgPatch: www.vupen.com

🔴Vulnerability Details

2
GHSA
GHSA-jc5p-6484-2396: Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter2022-05-02
CVEList
CVE-2009-2950: Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter2010-02-16

📋Vendor Advisories

2
Ubuntu
OpenOffice.org vulnerabilities2010-02-24
Red Hat
openoffice.org: GIF file parsing heap overflow2010-02-12

💬Community

2
Bugzilla
CVE-2009-2950 openoffice.org: GIF file parsing heap overflow2009-10-06
Bugzilla
CVE-2009-2949 openoffice.org: integer overflow in XPM processing2009-10-06
CVE-2009-2950 — Out-of-bounds Write in Apache | cvebase