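Vulnerability Details

OpenOffice TIFF File Parser Multiple Integer Overflow Vulnerabilities

  • CNNVD ID: CNNVD-200709-259
  • Severity: Critical
  • CVE ID: CVE-2007-2834
  • Vulnerability type: Numeric error
  • Published: 2007-09-18
  • Threat type: Remote
  • Updated: 2007-10-29
  • Vendor: gentoo
  • Vulnerability source: Martin Schulze※ jo...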

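Vulnerability Summary

OpenOffice (OOo) is an open-source office software suite from the Apache Software Foundation (USA). The suite includes text documents, spreadsheets, presentations, drawings, databases and more.

OpenOffice has a vulnerability in how it handles documents containing malformed data. A remote attacker could exploit it to take control of a user's system by convincing the user to open a malicious document.

When the TIFF parsing code in the OpenOffice component parses certain tags in TIFF directory entries, the parser uses untrusted values from the file to calculate the amount of memory to allocate. If the user supplies specific values, the calculation overflows an integer, an undersized buffer is allocated, and this in turn triggers a heap overflow. Successful exploitation allows an attacker to execute arbitrary instructions with the privileges of the user who opened the file.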
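
The size calculation described above, shown as an added example that is not OpenOffice code: the structure, function names and sample values are hypothetical. It contrasts the wrapping 32-bit multiplication with a version that rejects the entry before any allocation.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified TIFF directory entry (not OpenOffice's own type). */
struct dir_entry {
    uint16_t tag;
    uint16_t type;   /* TIFF field type: 1=BYTE, 3=SHORT, 4=LONG, 5=RATIONAL */
    uint32_t count;  /* number of values, read from the untrusted file */
};

/* Bytes per value for the field types handled here; 0 for anything else. */
static uint32_t type_size(uint16_t type) {
    switch (type) {
    case 1: return 1;
    case 3: return 2;
    case 4: return 4;
    case 5: return 8;
    default: return 0;
    }
}

/* Flawed pattern: the 32-bit product wraps modulo 2^32, so the size handed
 * to the allocator can be far smaller than count * element size. */
uint32_t alloc_size_unchecked(const struct dir_entry *e) {
    return e->count * type_size(e->type);
}

/* Hardened pattern: returns the size to allocate, or -1 to reject the entry.
 * bytes_left is how much of the file remains after the entry's data offset. */
int64_t alloc_size_checked(const struct dir_entry *e, uint64_t bytes_left) {
    uint32_t sz = type_size(e->type);
    if (sz == 0) return -1;                     /* unknown field type */
    if (e->count > UINT32_MAX / sz) return -1;  /* product would wrap */
    uint64_t total = (uint64_t)e->count * sz;
    if (total > bytes_left) return -1;          /* file cannot hold that much */
    return (int64_t)total;
}

int main(void) {
    /* Constructed sample entry: LONG values with an oversized count. */
    struct dir_entry e = { 0x0111, 4, 0x40000001u };
    printf("unchecked size: %u\n", (unsigned)alloc_size_unchecked(&e));
    printf("checked result: %lld\n", (long long)alloc_size_checked(&e, 4096));
    return 0;
}
```

Bounding the result by the bytes remaining in the file also rejects counts that do not wrap but still describe more data than the file contains.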

Vulnerability Advisory

Debian has released a security advisory (DSA-1375-1) and corresponding patches for this issue:

DSA-1375-1: New OpenOffice.org packages fix arbitrary code execution

Link:

http://www.debian.org/security/2007/dsa-1375

Patch download:


References

  • Source: BID; Name: 25690; Link: http://www.securityfocus.com/bid/25690
  • Source: www.openoffice.org; Link: http://www.openoffice.org/security/cves/CVE-2007-2834.html
  • Source: DEBIAN; Name: DSA-1375; Link: http://www.debian.org/security/2007/dsa-1375
  • Source: issues.rpath.com; Link: https://issues.rpath.com/browse/RPL-1740
  • Source: XF; Name: openoffice-tiff-bo(36656); Link: http://xforce.iss.net/xforce/xfdb/36656
  • Source: UBUNTU; Name: USN-524-1; Link: http://www.ubuntu.com/usn/usn-524-1
  • Source: BUGTRAQ; Name: 20070919 FLEA-2007-0056-1 openoffice.org; Link: http://www.securityfocus.com/archive/1/archive/1/479965/100/0/threaded
  • Source: REDHAT; Name: RHSA-2007:0848; Link: http://www.redhat.com/support/errata/RHSA-2007-0848.html
  • Source: MANDRIVA; Name: MDKSA-2007:186; Link: http://www.mandriva.com/security/advisories?name=MDKSA-2007:186
  • Source: VUPEN; Name: ADV-2007-3262; Link: http://www.frsirt.com/english/advisories/2007/3262
  • Source: VUPEN; Name: ADV-2007-3184; Link: http://www.frsirt.com/english/advisories/2007/3184
  • Source: SUNALERT; Name: 102994; Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1
  • Source: SECTRACK; Name: 1018702; Link: http://securitytracker.com/id?1018702
  • Source: GENTOO; Name: GLSA-200710-24; Link: http://security.gentoo.org/glsa/glsa-200710-24.xml
  • Source: SECUNIA; Name: 27370; Link: http://secunia.com/advisories/27370
  • Source: SECUNIA; Name: 27087; Link: http://secunia.com/advisories/27087
  • Source: SECUNIA; Name: 27077; Link: http://secunia.com/advisories/27077
  • Source: SECUNIA; Name: 26912; Link: http://secunia.com/advisories/26912
  • Source: SECUNIA; Name: 26903; Link: http://secunia.com/advisories/26903
  • Source: SECUNIA; Name: 26891; Link: http://secunia.com/advisories/26891
  • Source: SECUNIA; Name: 26861; Link: http://secunia.com/advisories/26861
  • Source: SECUNIA; Name: 26855; Link: http://secunia.com/advisories/26855
  • Source: SECUNIA; Name: 26844; Link: http://secunia.com/advisories/26844
  • Source: SECUNIA; Name: 26839; Link: http://secunia.com/advisories/26839
  • Source: SECUNIA; Name: 26817; Link: http://secunia.com/advisories/26817
  • Source: SECUNIA; Name: 26816; Link: http://secunia.com/advisories/26816
  • Source: SUSE; Name: SUSE-SA:2007:052; Link: http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html
  • Source: IDEFENSE; Name: 20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities; Link: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593
  • Source: FEDORA; Name: FEDORA-2007-700; Link: http://fedoranews.org/updates/FEDORA-2007-700.shtml
  • Source: FEDORA; Name: FEDORA-2007-2372; Link: http://fedoranews.org/updates/FEDORA-2007-237.shtml
  • Source: bugs.gentoo.org; Link: http://bugs.gentoo.org/show_bug.cgi?id=192818
  • Source: SUNALERT; Name: 200190; Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1

Affected Entities

Patches

    None available
