[<prev] [next>] [thread-next>] [month] [year] [list]
Date: Wed, 21 Jan 2009 14:13:46 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: CVE Request -- openoffice.org (CVE-2008-4841)
Hello Steve,
CVE of CVE-2008-4841 has been assigned to
the following WordPad Text Converter for Word 97
vulnerability:
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000
SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to
execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf
Word 97 file that triggers memory corruption, as exploited in the wild
in December 2008. NOTE: As of 20081210, it is unclear whether this
vulnerability is related to a WordPad issue disclosed on 20080925 with
a 2008-crash.doc.rar example, but there are insufficient details to be
sure.
With references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4841
http://www.milw0rm.com/exploits/6560
http://milw0rm.com/sploits/2008-crash.doc.rar
http://www.microsoft.com/technet/security/advisory/960906.mspx
http://www.securityfocus.com/bid/31399
http://www.securityfocus.com/bid/32718
http://securitytracker.com/id?1021376
http://secunia.com/advisories/32997
Found out, this issue (http://milw0rm.com/sploits/2008-crash.doc.rar)
affects also the Word processor as shipped with OpenOffice.org.
Affected OpenOffice.org versions: openoffice.org-1.1.2-38.2.0.EL3 <= x < openoffice.org-1.1.5-10.6.0.5.EL4
Note: !! openoffice.org-2.* releases are not affected by this issue !!
What's the strategy in this case -- will we need a new CVE-2008 id
for this issue && the openoffice.org1 case? (And if so, could
you allocate one?)
Thanks, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux