Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-0941


The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.


Published

2005-05-02T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

4.9

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application openoffice openoffice 1.0.1 Yes
Application openoffice openoffice 1.0.2 Yes
Application openoffice openoffice 1.1.0 Yes
Application openoffice openoffice 1.1.1 Yes
Application openoffice openoffice 1.1.2 Yes
Application openoffice openoffice 1.1.3 Yes
Application openoffice openoffice 1.1.4 Yes

References