Red Hat Bugzilla – Bug 435681
CVE-2007-5747 openoffice.org: Quattro Pro files parsing integer underflow
Last modified: 2016-03-04 05:45:42 EST
Security issue found by anonymous researcher was reported via iDefense to
Manipulated Quattro Pro files can lead to heap overflows and arbitrary code
A security vulnerability with the way OpenOffice.org 2 processes Quattro Pro
files may allow a remote unprivileged user who provides a OpenOffice.org
document that is opened by a local user to execute arbitrary commands on the
system with the privileges of the user running OpenOffice.org.
embargo moved at request of upstream to Apr 15
openoffice.org-2.3.0-6.14.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
openoffice.org-2.3.0-6.8.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.