Vulnerability Information Details
OpenOffice TIFF File Parser Multiple Integer Overflow Vulnerabilities
- CNNVD ID: CNNVD-200709-259
- Severity: Critical
- CVE ID:
CVE-2007-2834
- Vulnerability type:
Numeric error
- Published:
2007-09-18
- Threat type:
Remote
- Updated:
2007-10-29
- Vendor:
gentoo
- Vulnerability source:
Martin Schulze※ jo…
Vulnerability Summary
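OpenOffice (OOo) is an open-source office software suite from the Apache Software Foundation (USA). The suite includes text documents, spreadsheets, presentations, drawings, databases, and more.
OpenOffice has a vulnerability when processing documents that contain malformed data. A remote attacker may exploit it to take control of a user's system by enticing the user to open a malicious document.
When the TIFF parsing code in an OpenOffice component parses certain tags in TIFF directory entries, the parser uses untrusted values from the file to calculate the amount of memory to allocate. If specific values are supplied, the calculation overflows an integer, an undersized buffer is allocated, and this in turn triggers a heap overflow. Successful exploitation allows an attacker to execute arbitrary instructions with the privileges of the user who opened the file.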
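The bug class described above, shown as an added example that is not OpenOffice's code: a size computed from a directory entry's untrusted count, first in the flawed 32-bit form and then with the checks that reject it. The function names and the count-times-element-width computation are assumptions chosen for illustration; the type widths follow the TIFF 6.0 field types.

```c
#include <stddef.h>
#include <stdint.h>

/* Byte width of a TIFF field type (TIFF 6.0 types 1..5); 0 = unknown. */
static uint32_t tiff_type_size(uint16_t type)
{
    switch (type) {
    case 1: case 2: return 1;   /* BYTE, ASCII */
    case 3:         return 2;   /* SHORT */
    case 4:         return 4;   /* LONG */
    case 5:         return 8;   /* RATIONAL */
    default:        return 0;
    }
}

/* Flawed pattern (hypothetical helper): the 32-bit product wraps, so a
 * huge count yields a tiny size that would then reach the allocator. */
uint32_t entry_bytes_unchecked(uint16_t type, uint32_t count)
{
    return count * tiff_type_size(type);
}

/* Hardened pattern (hypothetical helper): reject unknown types, empty
 * entries, products that overflow, and sizes larger than the data that
 * remains in the file. Returns 0 and stores the size in *out on success,
 * -1 on rejection. */
int entry_bytes_checked(uint16_t type, uint32_t count,
                        uint64_t bytes_left_in_file, size_t *out)
{
    uint32_t width = tiff_type_size(type);
    if (width == 0 || count == 0)
        return -1;
    if (count > SIZE_MAX / width)        /* multiplication would wrap */
        return -1;
    size_t need = (size_t)count * width;
    if (need > bytes_left_in_file)       /* file cannot hold this much */
        return -1;
    *out = need;
    return 0;
}
```

The bound against the remaining file length matters on 64-bit builds, where the product no longer wraps but is still far larger than any data the file could supply.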
Vulnerability Advisory
Debian has released a security advisory (DSA-1375-1) and corresponding patches for this issue:
DSA-1375-1: New OpenOffice.org packages fix arbitrary code execution
Link:
http://www.debian.org/security/2007/dsa-1375
Patch download:
Source archives:
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge8.dsc
Size/MD5 checksum: 2878 9c31601926b8ddc7f06a0c58159eeb03
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3-9sarge8.diff.gz
Size/MD5 checksum: 4632139 9ae242bbbf6b852403ce12a4eeb1ceab
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_1.1.3.orig.tar.gz
Size/MD5 checksum: 166568714 5250574bad9906b38ce032d04b765772
Architecture independent components:
References
Source: BID
Name: 25690
Link: http://www.securityfocus.com/bid/25690
Source: www.openoffice.org
Link: http://www.openoffice.org/security/cves/CVE-2007-2834.html
Source: DEBIAN
Name: DSA-1375
Link: http://www.debian.org/security/2007/dsa-1375
Source: issues.rpath.com
Link: https://issues.rpath.com/browse/RPL-1740
Source: XF
Name: openoffice-tiff-bo(36656)
Link: http://xforce.iss.net/xforce/xfdb/36656
Source: UBUNTU
Name: USN-524-1
Link: http://www.ubuntu.com/usn/usn-524-1
Source: BUGTRAQ
Name: 20070919 FLEA-2007-0056-1 openoffice.org
Link: http://www.securityfocus.com/archive/1/archive/1/479965/100/0/threaded
Source: REDHAT
Name: RHSA-2007:0848
Link: http://www.redhat.com/support/errata/RHSA-2007-0848.html
Source: MANDRIVA
Name: MDKSA-2007:186
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2007:186
Source: VUPEN
Name: ADV-2007-3262
Link: http://www.frsirt.com/english/advisories/2007/3262
Source: VUPEN
Name: ADV-2007-3184
Link: http://www.frsirt.com/english/advisories/2007/3184
Source: SUNALERT
Name: 102994
Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1
Source: SECTRACK
Name: 1018702
Link: http://securitytracker.com/id?1018702
Source: GENTOO
Name: GLSA-200710-24
Link: http://security.gentoo.org/glsa/glsa-200710-24.xml
Source: SECUNIA
Name: 27370
Link: http://secunia.com/advisories/27370
Source: SECUNIA
Name: 27087
Link: http://secunia.com/advisories/27087
Source: SECUNIA
Name: 27077
Link: http://secunia.com/advisories/27077
Source: SECUNIA
Name: 26912
Link: http://secunia.com/advisories/26912
Source: SECUNIA
Name: 26903
Link: http://secunia.com/advisories/26903
Source: SECUNIA
Name: 26891
Link: http://secunia.com/advisories/26891
Source: SECUNIA
Name: 26861
Link: http://secunia.com/advisories/26861
Source: SECUNIA
Name: 26855
Link: http://secunia.com/advisories/26855
Source: SECUNIA
Name: 26844
Link: http://secunia.com/advisories/26844
Source: SECUNIA
Name: 26839
Link: http://secunia.com/advisories/26839
Source: SECUNIA
Name: 26817
Link: http://secunia.com/advisories/26817
Source: SECUNIA
Name: 26816
Link: http://secunia.com/advisories/26816
Source: SUSE
Name: SUSE-SA:2007:052
Link: http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html
Source: IDEFENSE
Name: 20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities
Link: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593
Source: FEDORA
Name: FEDORA-2007-700
Link: http://fedoranews.org/updates/FEDORA-2007-700.shtml
Source: FEDORA
Name: FEDORA-2007-2372
Link: http://fedoranews.org/updates/FEDORA-2007-237.shtml
Source: bugs.gentoo.org
Link: http://bugs.gentoo.org/show_bug.cgi?id=192818
Source: SUNALERT
Name: 200190
Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1




















