Integer Overflow in TIFF Parser Affecting OpenOffice.org and Sun StarOffice
CVE-2007-2834

Currently unrated

Key Information:

Vendor: Oracle
Status: Staroffice; Starsuite; Openoffice
Vendor: CVE Published:; 18 September 2007

What is CVE-2007-2834?

The TIFF parser in OpenOffice.org prior to version 2.3 and Sun StarOffice 6, 7, and 8 is vulnerable to an integer overflow. This occurs when the parser processes a specially crafted TIFF file with manipulated field values. Such exploitation can lead to the allocation of incorrect memory amounts, ultimately causing a heap-based buffer overflow which may allow remote attackers to execute arbitrary code on the victim's machine. As a result, users of affected versions are at risk of exploitation through malicious TIFF files.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://bugs.gentoo.org/show_bug.cgi?id=192818

x_refsource_CONFIRM

http://secunia.com/advisories/26816

third-party-advisoryx_refsource_SECUNIA

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 18, 2007
Vulnerability Reserved
May 24, 2007

Oracle

What is CVE-2007-2834?

References

EPSS Score

Timeline