667588 – (CVE-2010-4643) CVE-2010-4643 OpenOffice.org: heap based buffer overflow when parsing TGA files

Bug 667588 (CVE-2010-4643) - CVE-2010-4643 OpenOffice.org: heap based buffer overflow when parsing TGA files

Summary: CVE-2010-4643 OpenOffice.org: heap based buffer overflow when parsing TGA files

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2010-4643
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	642175 642176 642184 642185 642192 642196 642200 642201 804532
Blocks:
TreeView+	depends on / blocked

Reported:	2011-01-06 06:47 UTC by Huzaifa S. Sidhpurwala
Modified:	2023-05-11 16:52 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2012-06-21 09:30:30 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:0181	normal	SHIPPED_LIVE	Important: openoffice.org and openoffice.org2 security update	2011-01-28 12:56:23 UTC
Red Hat Product Errata	RHSA-2011:0182	normal	SHIPPED_LIVE	Important: openoffice.org security update	2011-01-28 13:02:13 UTC
Red Hat Product Errata	RHSA-2011:0183	normal	SHIPPED_LIVE	Important: openoffice.org security and bug fix update	2011-01-28 15:24:30 UTC

Description Huzaifa S. Sidhpurwala 2011-01-06 06:47:15 UTC

A heap-based buffer overflow was discovered in various versions of
OpenOffice.org, when reading certain TGA files. 

If a user opened a specially crafted TGA file, it could lead to 
application crash or possibly execution of arbitrary code,  with 
the privileges of the user running OpenOffice.org Impress.

This has been assigned CVE-2010-4643.

Acknowledgements:

Red Hat would like to thank OpenOffice.org for reporting this issue.

Comment 3 Huzaifa S. Sidhpurwala 2011-01-27 03:54:02 UTC

Public via:
http://www.openoffice.org/security/cves/CVE-2010-4643.html

Comment 4 errata-xmlrpc 2011-01-28 12:56:51 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2011:0181 https://rhn.redhat.com/errata/RHSA-2011-0181.html

Comment 5 errata-xmlrpc 2011-01-28 13:02:33 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2011:0182 https://rhn.redhat.com/errata/RHSA-2011-0182.html

Comment 6 errata-xmlrpc 2011-01-28 15:24:58 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:0183 https://rhn.redhat.com/errata/RHSA-2011-0183.html

Note You need to log in before you can comment on or make changes to this bug.