lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20061217180514.31ce0b1d@localhost>
Date: Sun, 17 Dec 2006 18:05:14 +0800
From: Kamchybek Jusupov <kjusupov@...il.com>
To: "Bruno Lustosa" <bruno.lists@...il.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS
 Word 0 day vulnerability!!!


It's openoffice-2.0.4 (gentoo), and it did crashed with the below
error...

synack ~ $ oowriter2 12122006-djtest.doc 
Application ErrorApplication Error

Fatal exception: Signal 6
Stack:
/usr/lib/openoffice/program/libuno_sal.so.3[0xb71b0424]
/lib/libc.so.6(malloc+0x7f)[0xb6b52cff]
/usr/lib/openoffice/program/soffice: line 254: 24654
Aborted                 "$sd_prog/$sd_binary" "$@"

** (process:24639): WARNING **: Unknown error forking main binary /
abnormal early exit ...


On Fri, 15 Dec 2006 16:07:20 -0200 / Bruno Lustosa wrote:
With a subject: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is
vulnerable to MS Word 0 day vulnerability!!!

> On 15 Dec 2006 09:49:54 -0000, gplit@...lit.com <gplit@...lit.com>
> wrote:
> > try yourself with OpenOffice.org 2.1:
> > http://www.milw0rm.com/sploits/12122006-djtest.doc
> 
> Crashed OpenOffice.org 2.1 on my Linux system (Gentoo using
> openoffice-bin 2.1.0).
> Anyone tried it under Windows?
> 


-- 
Rgds,
Kamchybek Jusupov

Attitude is no substitude for competence...
GPG Key: C565 2827 0858 ECFE 74D7  A556 7B09 59DA B6C8 FF8C

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ