Qualcuno potrebbe fornire, se possibile, maggiori dettagli riguardo il fix che sembrerebbe essere disponibile per correggere il suddetto problema? In particolare non sono molto pratico di CVS repository. Di che si tratta?
Grazie
>---------------------------------------------------------------------- > >TITLE: >OpenOffice ".doc" Document Handling Buffer Overflow > >SECUNIA ADVISORY ID: >SA14912 > >VERIFY ADVISORY: >http://secunia.com/advisories/14912/ > >CRITICAL: >Moderately critical > >IMPACT: >DoS, System access > >WHERE: >From remote > >SOFTWARE: >OpenOffice 1.1.x >http://secunia.com/product/302/ > >DESCRIPTION: >AD-LAB has reported a vulnerability in OpenOffice, which potentially >can be exploited by malicious people to compromise a user's system. > >The vulnerability is caused due to a boundary error in the >"StgCompObjStream::Load()" function when processing ".doc" document >files. This can be exploited to cause a heap-based buffer overflow by >tricking a user into opening a malicious document containing a >specially crafted header. > >Successful exploitation may allow execution of arbitrary code. > >The vulnerability has been reported in versions 1.1.4 and prior and >in the 2.0 beta release. > >SOLUTION: >A fix is available in the CVS repository. > >PROVIDED AND/OR DISCOVERED BY: >AD-LAB > >ORIGINAL ADVISORY: >OpenOffice Bug Report: >http://www.openoffice.org/issues/show_bug.cgi?id=46388 > >----------------------------------------------------------------------
--
»» Mr. Crocodile ««
~~~~~~~~~~~~~~~~~~~~~~
The Truth Is Out There
~~~~~~~~~~~~~~~~~~~~~~
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
