Bug 435678 (CVE-2007-5745)

Summary: CVE-2007-5745 openoffice.org: Quattro Pro files handling heap overflows in Attribute and Font records
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: caolanm, jnavrati, kreilly, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 2.3.0-6.14.fc8 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-04-22 22:41:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 435687, 435688, 435690, 435691, 442845, 442846    
Bug Blocks:    

Description Tomas Hoger 2008-03-03 10:28:05 UTC 
Security issue found by anonymous researcher was reported via iDefense to
OpenOffice.org upstream:

Synopsis:
Manipulated Quattro Pro files can lead to heap overflows and arbitrary code
execution

Impact:
A security vulnerability with the way OpenOffice.org 2 processes Quattro Pro
files may allow a remote unprivileged user who provides a OpenOffice.org
document that is opened by a local user to execute arbitrary commands on the
system with the privileges of the user running OpenOffice.org.
Comment 7 Mark J. Cox 2008-03-27 08:55:15 UTC 
embargo moved at request of upstream to Apr 15
Comment 8 Tomas Hoger 2008-04-17 07:09:31 UTC 
Public now:

http://www.openoffice.org/security/cves/CVE-2007-5745.html

Lifting embargo.
Comment 11 Fedora Update System 2008-04-22 22:40:53 UTC 
openoffice.org-2.3.0-6.14.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 12 Fedora Update System 2008-05-17 22:25:49 UTC 
openoffice.org-2.3.0-6.8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.