Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.
2008-10-30T20:00:00.903
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | openoffice | openoffice.org | * | Yes |
| Application | openoffice | openoffice.org | ≤ 2.4.1 | Yes |
| Application | openoffice | openoffice.org | 2.0 | Yes |
| Application | openoffice | openoffice.org | 2.0.2 | Yes |
| Application | openoffice | openoffice.org | 2.0.3 | Yes |
| Application | openoffice | openoffice.org | 2.0.4 | Yes |
| Application | openoffice | openoffice.org | 2.1 | Yes |
| Application | openoffice | openoffice.org | 2.2 | Yes |
| Application | openoffice | openoffice.org | 2.2.1 | Yes |
| Application | openoffice | openoffice.org | 2.3 | Yes |
| Application | openoffice | openoffice.org | 2.3.1 | Yes |
| Application | openoffice | openoffice.org | 2.4 | Yes |
| Application | openoffice | openoffice.org | 2.4.1 | Yes |