CVE-2006-5870
Published: 31 December 2006
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records.
Priority
Status
Package | Release | Status |
---|---|---|
openoffice.org Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.2-2ubuntu12.4)
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
openoffice.org-amd64 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.2-2ubuntu12.4-1)
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
openoffice.org-l10n Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Released
(2.2.0-0ubuntu2)
|
|
upstream |
Needs triage
|