Heap-based Buffer Overflow in Go-oo Affected by EMF Files
CVE-2009-2139

Currently unrated

Key Information:

Vendor

Oracle
Status
Openoffice.org
Vendor
CVE Published:
8 September 2009

What is CVE-2009-2139?

A heap-based buffer overflow vulnerability exists in Go-oo versions 2.x and 3.x prior to 3.0.1, allowing remote attackers to execute arbitrary code. This flaw, found in the enhancement of the WMF file processing, can be exploited using specially crafted Enhanced Metafile (EMF) files, which may lead to the corruption of memory and subsequent execution of malicious code. The issue is reminiscent of previous vulnerabilities and highlights the importance of keeping software updated to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://cgit.freedesktop.org/ooo-build/ooo-build/commit/?i...
x_refsource_CONFIRM

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.