Message-ID: <51F20F98.8060204@apache.org>
Date: Fri, 26 Jul 2013 07:56:40 +0200
From: Herbert Duerr <hdu@...che.org>
To: announce@...noffice.apache.org, dev@...noffice.apache.org,
users@...noffice.apache.org, full-disclosure@...ts.grok.org.uk,
bugtraq@...urityfocus.com
CC: msvr@...rosoft.com
Subject: CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability

CVE-2013-4156

OpenOffice DOCM Memory Corruption Vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache OpenOffice 3.4.0 and 3.4.1, on all platforms.
Predecessor versions of OpenOffice.org may also be affected.

Description:
The vulnerability is caused by mishandling of unknown XML elements
when parsing an OOXML document file. Specially crafted documents can be
used for memory-corruption attacks. Further exploits are possible but
have not been verified.

Mitigation:
Apache OpenOffice 3.4.0 and 3.4.1 users are advised to upgrade to
Apache OpenOffice 4.0. Users who are unable to upgrade immediately
should be cautious when opening untrusted documents.

Credits:
The Apache OpenOffice Security Team credits Jeremy Brown of
Microsoft Vulnerability Research as the discoverer of this flaw.

Herbert Dürr
Member of the Apache OpenOffice Security Team