CVE-2006-3117

Publication date 30 June 2006

Last updated 24 July 2024

Ubuntu priority

Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka “File Format / Buffer Overflow Vulnerability.”

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
openoffice.org	7.04 feisty	Fixed 2.2.0-1ubuntu4
	6.10 edgy	Fixed 2.0.4-0ubuntu6
	6.06 LTS dapper	Fixed 2.0.2-2ubuntu12.4
openoffice.org-amd64	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Fixed 2.0.2-2ubuntu12.4-1
openoffice.org-l10n	7.04 feisty	Fixed 2.0.4-0ubuntu1
	6.10 edgy	Fixed 2.0.4-0ubuntu1
	6.06 LTS dapper	Ignored end of life

References

Related Ubuntu Security Notices (USN)

USN-313-2
OpenOffice.org vulnerabilities
19 July 2006

USN-313-1
OpenOffice.org vulnerabilities
12 July 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-3117