[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20061218192310.GA15708@suse.de>
Date: Mon, 18 Dec 2006 20:23:10 +0100
From: Marcus Meissner <meissner@...e.de>
To: Kamchybek Jusupov <kjusupov@...il.com>
Cc: Bruno Lustosa <bruno.lists@...il.com>, bugtraq@...urityfocus.com
Subject: Re: Flaw in OpenOffice.org 2.1: OpenOffice 2.1 is vulnerable to MS Word 0 day vulnerability!!!
On Sun, Dec 17, 2006 at 06:05:14PM +0800, Kamchybek Jusupov wrote:
>
> It's openoffice-2.0.4 (gentoo), and it did crashed with the below
> error...
>
> synack ~ $ oowriter2 12122006-djtest.doc
> Application ErrorApplication Error
>
> Fatal exception: Signal 6
> Stack:
> /usr/lib/openoffice/program/libuno_sal.so.3[0xb71b0424]
> /lib/libc.so.6(malloc+0x7f)[0xb6b52cff]
> /usr/lib/openoffice/program/soffice: line 254: 24654
> Aborted "$sd_prog/$sd_binary" "$@"
>
> ** (process:24639): WARNING **: Unknown error forking main binary /
> abnormal early exit ...
It apparently abort()ed, which is more a controlled crash, at most a
denial of Service.
Ciao, Marcus
Powered by blists - more mailing lists