| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" |
| "http://www.w3.org/TR/html4/loose.dtd"> |
| <html> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
| <title> |
| CVE-2007-2754 |
| </title> |
| <style type="text/css"> |
| /*<![CDATA[*/ |
| hr { display: block } |
| /*]]>*/ |
| </style> |
| |
| </head> |
| <body> |
| <h2> |
| CVE-2007-2754 |
| </h2> |
| <h3> |
| Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype) |
| </h3> |
| <ul> |
| <li><strong>Synopsis:</strong> Integer overflow and heap-based buffer overflow |
| vulnerability in 3rd party module (freetype) |
| </li> |
| <li><strong>State:</strong> Resolved</li> |
| </ul> |
| <h4> |
| 1. Impact |
| </h4> |
| <p> |
| Opening manipulated documents which trigger an overflow in the freetype library may |
| allow arbitrary command execution on the system with the privileges of the user running OpenOffice.org. |
| </p> |
| <p> |
| See also <a href="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754">CVE-2007-2754</a> |
| </p> |
| <h4> |
| 2. Affected releases |
| </h4> |
| <p> |
| All versions prior to OpenOffice.org 2.2.1 |
| </p> |
| <h4> |
| 3. Symptoms |
| </h4> |
| <p> |
| There are no predictable symptoms that would indicate this issue has occurred. |
| </p> |
| <h4> |
| 4. Relief/Workaround |
| </h4> |
| <p> |
| There is no workaround. See "Resolution" below. |
| </p> |
| <h4> |
| 5. Resolution |
| </h4> |
| <p> |
| This issue is addressed in the following releases: |
| </p> |
| <p> |
| <strong>OpenOffice.org 2.2.1</strong> |
| </p> |
| <hr /> |
| <p> |
| <a href="//security/">Security Home</a> -> |
| <a href="//security/bulletin.html">Bulletin</a> -> |
| <a href="//security/cves/CVE-2007-2754.html">CVE-2007-2754</a> |
| </p> |
| |
| </body> |
| </html> |