Red Hat Bugzilla – Bug 251717
CVE-2007-4251 OpenOffice crashes upon opening certain files
Last modified: 2007-08-14 04:31:06 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4251
to the following vulnerability:
OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service.
"An issue in OpenOffice 2.2 Multiple File Extension Handling leads to denial
of service conditions. Due to the minimum severity of the issue, the
information is provided in Information Table. The issue does not allow code
execution. Eleytt provides exemplary PoC exploits for this issue for
reponsible security companies only."
Created attachment 161161 [details]
patch to avoid
This patch should suffice. Is there a security bug here, not convinced really.
We throw on attempting to allocate the massive negative value string.
Should this be reassigned to me and component openoffice.org ?
Caolan: thanks for the investigation. Attempting to allocate a negative amount
of memory is not something we would call a security issue, so we don't want this
to be fixed in RHEL now.
This bug is here for serves as a reference to results of investigation and our
opinion about the issue so it's not to be assigned to you. In case wanted to fix
this you'd be assigned separate tracking bugs for each release.
Red Hat does not consider this flaw a security issue. This flaw will only crash
OpenOffice.org if a victim opens a malicious document.