Launchpad.net

CVE 2008-2238

Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.

Related bugs and status

CVE-2008-2238 (Candidate) is related to these bugs:

Bug #302755: Port openoffice 2.4.1-1ubuntu2.1 to dell-mini

Summary				In	Importance	Status
	302755	Port openoffice 2.4.1-1ubuntu2.1 to dell-mini		openoffice.org (Ubuntu)	Undecided	Invalid
	302755	Port openoffice 2.4.1-1ubuntu2.1 to dell-mini		The Dell Mini Project	Undecided	Fix Released

Bug #882588: LibreOffice/Mozilla integration broken

Summary				In	Importance	Status
	882588	LibreOffice/Mozilla integration broken		libreoffice (Ubuntu)	Undecided	Fix Released
	882588	LibreOffice/Mozilla integration broken		firefox (Ubuntu)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.openoffice....
DEBIAN: DSA-1661
BID: 31962
SECUNIA: 32419
SECTRACK: 1021121
SECUNIA: 32461
IDEFENSE: 20081031 OpenOffice EM...
FEDORA: FEDORA-2008-9313
FEDORA: FEDORA-2008-9333
SECUNIA: 32489
CONFIRM: http://neowiki.neooffi...
SUNALERT: 243226
SECUNIA: 32676
SUSE: SUSE-SR:2008:026
SECUNIA: 32872
UBUNTU: USN-677-2
GENTOO: GLSA-200812-13
SECUNIA: 33140
REDHAT: RHSA-2008:0939
SECUNIA: 32463
VUPEN: ADV-2008-2947
VUPEN: ADV-2008-3103
VUPEN: ADV-2008-3153
UBUNTU: USN-677-1
SECUNIA: 32856
XF: openoffice-emf-file-bo...
OVAL: oval:org.mitre.oval:de...