openoffice.org: Multiple Vulnerabilities

Users of openoffice.org please be advised of a Multiple vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

MDVSA-2010:221: [MDVSA-2010:221] openoffice.org
Problem Description:

Multiple vulnerabilities was discovered and corrected in the
OpenOffice.org:

Integer overflow allows remote attackers to execute arbitrary code
via a crafted XPM file that triggers a heap-based buffer overflow
(CVE-2009-2949).

Heap-based buffer overflow allows remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code
via a crafted GIF file, related to LZW decompression (CVE-2009-2950).

Integer underflow allows remote attackers to cause a denial of
service (application crash) or possibly execute arbitrary code via
a crafted sprmTDefTable table property modifier in a Word document
(CVE-2009-3301).Read more at http://www.criticalwatch.com

 

Advertisements