content/security/cves/CVE-2007-2754.html - openoffice-org - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <title>
   CVE-2007-2754
 </title>
   <style type="text/css">
 /*<![CDATA[*/
     hr { display: block }
   /*]]>*/
   </style>

 </head>
 <body>
 <h2>
   CVE-2007-2754
 </h2>
 <h3>
   Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype)
 </h3>
 <ul>
   <li><strong>Synopsis:</strong> Integer overflow and heap-based buffer overflow
    vulnerability in 3rd party module (freetype)
 </li>
   <li><strong>State:</strong> Resolved</li>
 </ul>
 <h4>
   1. Impact
 </h4>
 <p>
   Opening manipulated documents which trigger an overflow in the freetype library may
   allow arbitrary command execution on the system with the privileges of the user running OpenOffice.org.
 </p>
 <p>
   See also <a href="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754">CVE-2007-2754</a>
 </p>
 <h4>
   2. Affected releases
 </h4>
 <p>
   All versions prior to OpenOffice.org 2.2.1
 </p>
 <h4>
   3. Symptoms
 </h4>
 <p>
   There are no predictable symptoms that would indicate this issue has occurred.
 </p>
 <h4>
   4. Relief/Workaround
 </h4>
 <p>
   There is no workaround. See &quot;Resolution&quot; below.
 </p>
 <h4>
   5. Resolution
 </h4>
 <p>
   This issue is addressed in the following releases:
 </p>
 <p>
   <strong>OpenOffice.org 2.2.1</strong>
 </p>
     <hr />
     <p>
       <a href="//security/">Security Home</a> ->
         <a href="//security/bulletin.html">Bulletin</a> ->
         <a href="//security/cves/CVE-2007-2754.html">CVE-2007-2754</a>
     </p>

 </body>
 </html>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
	"http://www.w3.org/TR/html4/loose.dtd">
	<html>
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	<title>
	CVE-2007-2754
	</title>
	<style type="text/css">
	/<![CDATA[/
	hr { display: block }
	/]]>/
	</style>

	</head>
	<body>
	<h2>
	CVE-2007-2754
	</h2>
	<h3>
	Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype)
	</h3>
	<ul>
	<li><strong>Synopsis:</strong> Integer overflow and heap-based buffer overflow
	vulnerability in 3rd party module (freetype)
	</li>
	<li><strong>State:</strong> Resolved</li>
	</ul>
	<h4>
	1. Impact
	</h4>
	<p>
	Opening manipulated documents which trigger an overflow in the freetype library may
	allow arbitrary command execution on the system with the privileges of the user running OpenOffice.org.
	</p>
	<p>
	See also <a href="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2754">CVE-2007-2754</a>
	</p>
	<h4>
	2. Affected releases
	</h4>
	<p>
	All versions prior to OpenOffice.org 2.2.1
	</p>
	<h4>
	3. Symptoms
	</h4>
	<p>
	There are no predictable symptoms that would indicate this issue has occurred.
	</p>
	<h4>
	4. Relief/Workaround
	</h4>
	<p>
	There is no workaround. See "Resolution" below.
	</p>
	<h4>
	5. Resolution
	</h4>
	<p>
	This issue is addressed in the following releases:
	</p>
	<p>
	<strong>OpenOffice.org 2.2.1</strong>
	</p>
	<hr />
	<p>
	<a href="//security/">Security Home</a> ->
	<a href="//security/bulletin.html">Bulletin</a> ->
	<a href="//security/cves/CVE-2007-2754.html">CVE-2007-2754</a>
	</p>

	</body>
	</html>