Launchpad.net

CVE 2006-3117

Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."

Related bugs and status

CVE-2006-3117 (Candidate) is related to these bugs:

Bug #51435: Security Bulletin 2006-06-29

Summary				In	Importance	Status
	51435	Security Bulletin 2006-06-29		openoffice.org (Ubuntu)	Critical	Fix Released
	51435	Security Bulletin 2006-06-29		openoffice.org (Ubuntu Breezy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.ngssoftware...
CONFIRM: http://www.openoffice....
SUNALERT: 102501
DEBIAN: DSA-1104
REDHAT: RHSA-2006:0573
SUSE: SUSE-SA:2006:040
BID: 18739
SECTRACK: 1016414
SECUNIA: 20867
SECUNIA: 20893
SECUNIA: 20911
UBUNTU: USN-313-1
SECUNIA: 20913
SECUNIA: 20910
SECUNIA: 20975
SECUNIA: 20995
GENTOO: GLSA-200607-12
UBUNTU: USN-313-2
SECUNIA: 21278
CONFIRM: https://issues.rpath.c...
SECUNIA: 22129
FEDORA: FEDORA-2007-005
SECUNIA: 23620
MANDRIVA: MDKSA-2006:118
VUPEN: ADV-2006-2607
VUPEN: ADV-2006-2621
XF: openoffice-xml-documen...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20060926 rPSA-2006-017...