9.3

CVE-2008-3282

Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheOpenoffice Version2.4.1 HwPlatformx64
FedoraprojectFedora Version8
FedoraprojectFedora Version9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.76% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-681 Incorrect Conversion between Numeric Types

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

http://secunia.com/advisories/31640
Broken Link
http://secunia.com/advisories/31646
Broken Link
http://secunia.com/advisories/31778
Broken Link
http://securitytracker.com/id?1020764
Third Party Advisory
Broken Link
VDB Entry
http://www.openoffice.org/issues/show_bug.cgi?id=92217
Issue Tracking
http://www.redhat.com/support/errata/RHSA-2008-0835.html
Broken Link
http://www.securityfocus.com/bid/30866
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2008/2449
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=455867
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=458056
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/44742
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11345
Broken Link
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00120.html
Mailing List
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00494.html
Mailing List