CVE-2009-2949

Publication date 16 February 2010

Last updated 24 July 2024


Ubuntu priority

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.

Status

Package Ubuntu Release Status
openoffice.org 9.10 karmic
Fixed 1:3.1.1-5ubuntu1.1
9.04 jaunty
Fixed 1:3.0.1-9ubuntu3.2
8.10 intrepid
Fixed 1:2.4.1-11ubuntu2.3
8.04 LTS hardy
Fixed 1:2.4.1-1ubuntu2.3
6.06 LTS dapper Ignored end of life

References

Related Ubuntu Security Notices (USN)

    • USN-903-1
    • OpenOffice.org vulnerabilities
    • 24 February 2010

Other references