CVE-2007-5747

Currently unrated

Key Information:

Vendor: Oracle
Status: Openoffice.org
Vendor: CVE Published:; 17 April 2008

Summary

Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.

References

http://secunia.com/advisories/29913

third-party-advisoryx_refsource_SECUNIA

http://www.redhat.com/support/errata/RHSA-2008-0175.html

vendor-advisoryx_refsource_REDHAT

http://secunia.com/advisories/29852

third-party-advisoryx_refsource_SECUNIA

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 17, 2008
Vulnerability Reserved
Oct 31, 2007