Update Protection against OpenOffice OLE File Stream Buffer Overflow

Check Point Reference: CPAI-2008-294
Date Published:
Severity:
Last Updated:
Source: Secunia Advisory: SA29852
Industry Reference(s): CVE-2008-0320
Protection Provided by: Security Gateway
  • R75
Who is Vulnerable?
OpenOffice.org OpenOffice Prior to 2.4
Vulnerability Description
OpenOffice.org is an open source office suite. The suite includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages.
Vulnerability Details
A heap overflow vulnerability exists in the OpenOffice software suite. The vulnerability is due to the way OpenOffice imports OLE files. A remote attacker could exploit this vulnerability by persuading a user to open an OLE file, potentially causing arbitrary code to be injected and executed in the security context of the logged-in user.
If code injection is not successful, all instances of the vulnerable OpenOffice application will terminate and unsaved data might be lost.
In a more sophisticated attack scenario where code injection is successful, the behaviour of the target host depends entirely on the intended function of the injected code. The code in such a case would execute within the security context of the current user. The affected application would also most likely stop functioning as a result of such an attack.

Protection Overview
This protection will detect and block attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R75

How Can I Protect My Network?
1. In the IPS tab, click Protections > By Protocol > IPS Software Blade > Application Intelligence > Content Protection.
2. In the right pane, double-click the OpenOffice OLE File Stream Buffer Overflow protection.
3. In the Protection Details window, click Edit. Choose the protection's Action (Override IPS Policy with: Prevent/Detect), and apply Additional Settings.
4. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:

Attack Name: Content Protection Violation
Attack Information: OpenOffice OLE File stream buffer overflow
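
The following is an added example, not Check Point code: a triage script that filters an exported log for the two field values above and separates hits logged with the Prevent action from those logged with Detect, since Detect records the traffic without blocking it. The CSV layout, the column names other than Attack Name and Attack Information, and all sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Field values taken from the advisory's log description.
ATTACK_NAME = "Content Protection Violation"
ATTACK_INFO = "OpenOffice OLE File stream buffer overflow"

# Constructed sample export. Column layout, dates and addresses are assumptions.
SAMPLE_EXPORT = """\
Date,Time,Action,Source,Destination,Attack Name,Attack Information
2008-04-20,10:02:11,Prevent,10.1.1.20,198.51.100.7,Content Protection Violation,OpenOffice OLE File stream buffer overflow
2008-04-20,10:05:40,Detect,10.1.1.31,198.51.100.7,Content Protection Violation,OpenOffice OLE File stream buffer overflow
2008-04-20,10:05:58,Detect,10.1.1.31,198.51.100.7,Content Protection Violation,openoffice ole file stream buffer overflow
2008-04-20,10:09:02,Prevent,10.1.1.20,192.0.2.15,Content Protection Violation,Some other protection
2008-04-20,10:11:30,Accept,10.1.1.44,192.0.2.15,,
"""


def triage(export_text):
    """Count Prevent/Detect hits for this protection per (source, destination)."""
    hits = defaultdict(lambda: {"Prevent": 0, "Detect": 0})
    for row in csv.DictReader(io.StringIO(export_text)):
        name = (row.get("Attack Name") or "").strip().casefold()
        info = (row.get("Attack Information") or "").strip().casefold()
        # Both fields must match: the attack name is shared by other protections.
        if name != ATTACK_NAME.casefold() or info != ATTACK_INFO.casefold():
            continue
        action = (row.get("Action") or "").strip().capitalize()
        if action not in ("Prevent", "Detect"):
            continue
        pair = ((row.get("Source") or "").strip(),
                (row.get("Destination") or "").strip())
        hits[pair][action] += 1
    return dict(hits)


def needs_followup(hits):
    """Pairs with at least one Detect hit: that traffic was logged, not blocked."""
    return sorted(pair for pair, count in hits.items() if count["Detect"] > 0)


if __name__ == "__main__":
    result = triage(SAMPLE_EXPORT)
    for pair, count in sorted(result.items()):
        print(pair, count)
    print("follow up:", needs_followup(result))
```

Pairs returned by needs_followup are the connections where the file transfer was not stopped by the gateway, so the hosts involved are the ones to check for an OpenOffice version prior to 2.4.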