Integer Overflow in TIFF Parser Affecting OpenOffice.org and Sun StarOffice
CVE-2007-2834

Currently unrated

Key Information:

Vendor

Oracle
Status
Staroffice
Starsuite
Openoffice
Vendor
CVE Published:
18 September 2007

What is CVE-2007-2834?

The TIFF parser in OpenOffice.org prior to version 2.3 and Sun StarOffice 6, 7, and 8 is vulnerable to an integer overflow. This occurs when the parser processes a specially crafted TIFF file with manipulated field values. Such exploitation can lead to the allocation of incorrect memory amounts, ultimately causing a heap-based buffer overflow which may allow remote attackers to execute arbitrary code on the victim's machine. As a result, users of affected versions are at risk of exploitation through malicious TIFF files.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
http://bugs.gentoo.org/show_bug.cgi?id=192818
x_refsource_CONFIRM
http://secunia.com/advisories/26816
third-party-advisoryx_refsource_SECUNIA

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.