Red Hat Bugzilla – Bug 435675
CVE-2007-5746 openoffice.org: EMF files parsing EMR_BITBLT record heap overflows
Last modified: 2008-05-17 18:25:55 EDT
Security issue found by anonymous researcher was reported via iDefense to
Manipulated EMF files can lead to heap overflows and arbitrary code execution
A security vulnerability with the way OpenOffice.org 1.1 and 2 process EMF files
may allow a remote unprivileged user who provides a OpenOffice.org document that
is opened by a local user to execute arbitrary commands on the system with the
privileges of the user running OpenOffice.org.
Created attachment 296568 [details]
embargo moved at request of upstream to Apr 15
openoffice.org-2.3.0-6.14.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
openoffice.org-2.3.0-6.8.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.