*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: openoffice.org >From the Debian security advisory DSA 1547-1: "CVE-2007-5745, CVE-2007-5747 Several bugs have been discovered in the way OpenOffice.org parses Quattro Pro files that may lead to a overflow in the heap potentially leading to the execution of arbitrary code. CVE-2007-5746 Specially crafted EMF files can trigger a buffer overflow in the heap that may lead to the execution of arbitrary code. CVE-2008-0320 A bug has been discovered in the processing of OLE files that can cause a buffer overflow in the heap potentially leading to the execution of arbitrary code." [...] "For the stable distribution (etch) these problems have been fixed in version 2.0.4.dfsg.2-7etch5. For the testing (lenny) and unstable (sid) distributions these problems have been fixed in version 2.4.0~ooh680m5-1." http://www.debian.org/security/2008/dsa-1547 ** Affects: openoffice.org (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5745 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5746 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5747 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-0320 -- Multiple vulnerabilities in OpenOffice.org (CVE-2007-574{5-7}, CVE-2008-0320) https://bugs.launchpad.net/bugs/218640 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
