Vulnerability Name: | CVE-2009-2950 (CCN-56238) | ||||||||||||||||||||||||||||||||||||||||
Assigned: | 2009-08-23 | ||||||||||||||||||||||||||||||||||||||||
Published: | 2010-02-12 | ||||||||||||||||||||||||||||||||||||||||
Updated: | 2022-02-07 | ||||||||||||||||||||||||||||||||||||||||
Summary: | Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. | ||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-787 | ||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2009-2950 Source: SUSE Type: Broken Link, Third Party Advisory SUSE-SA:2010:017 Source: CCN Type: RHSA-2010-0101 Important: openoffice.org security update Source: CCN Type: SA38567 OpenOffice.org 2 Multiple Vulnerabilities Source: SECUNIA Type: Broken Link 38567 Source: CCN Type: SA38568 OpenOffice.org 3 Multiple Vulnerabilities Source: SECUNIA Type: Broken Link 38568 Source: SECUNIA Type: Broken Link 38695 Source: SECUNIA Type: Broken Link 38921 Source: CCN Type: SA41818 Oracle Open Office Multiple Vulnerabilities Source: SECUNIA Type: Broken Link 41818 Source: SECUNIA Type: Broken Link 60799 Source: CCN Type: SECTRACK ID: 1023591 OpenOffice.org Flaws Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: Broken Link, Third Party Advisory, VDB Entry 1023591 Source: DEBIAN Type: Third Party Advisory DSA-1995 Source: DEBIAN Type: DSA-1995 openoffice.org -- several vulnerabilities Source: GENTOO Type: Third Party Advisory GLSA-201408-19 Source: MANDRIVA Type: Broken Link MDVSA-2010:221 Source: CONFIRM Type: Patch, Vendor Advisory http://www.openoffice.org/security/bulletin.html Source: CCN Type: OpenOffice Web Site Security Vulnerability in OpenOffice.org related to GIF file processing Source: CONFIRM Type: Patch, Vendor Advisory http://www.openoffice.org/security/cves/CVE-2009-2950.html Source: CCN Type: Oracle Critical Patch Update Advisory - October 2010 Oracle Critical Patch Update Advisory - October 2010 Source: CONFIRM Type: Third Party Advisory http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html Source: REDHAT Type: Broken Link RHSA-2010:0101 Source: BID Type: Broken Link, Third Party Advisory, VDB Entry 38218 Source: CCN Type: BID-38218 OpenOffice Prior to 3.2 Multiple Remote Code Execution Vulnerabilities Source: CCN Type: USN-903-1 OpenOffice.org vulnerabilities Source: UBUNTU Type: Third Party Advisory USN-903-1 Source: CERT Type: Third Party Advisory, US Government Resource TA10-287A Source: VUPEN Type: Broken Link, Patch ADV-2010-0366 Source: VUPEN Type: Broken Link ADV-2010-0635 Source: VUPEN Type: Broken Link ADV-2010-2905 Source: CCN Type: Red Hat Bugzilla Bug 527512 CVE-2009-2950 openoffice.org: GIF file parsing heap overflow Source: CONFIRM Type: Issue Tracking, Third Party Advisory https://bugzilla.redhat.com/show_bug.cgi?id=527512 Source: XF Type: Third Party Advisory, VDB Entry openoffice-gif-bo(56238) Source: XF Type: UNKNOWN openoffice-gif-bo(56238) Source: OVAL Type: Tool Signature oval:org.mitre.oval:def:11050 Source: SUSE Type: SUSE-SA:2010:017 OpenOffice.org security update | ||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration RedHat 7: Configuration RedHat 8: Configuration RedHat 9: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||
BACK |