CVE-2007-5746

Published: Apr 17, 2008Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

Affected (6)

Products: Openoffice: Openoffice.org

Openoffice

1 product

Openoffice.org

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Openoffice Openoffice.org	Version 2.0.3
Openoffice Openoffice.org	Version 2.1
Openoffice Openoffice.org	Version 2.2.1
Openoffice Openoffice.org	Version 2.2
Openoffice Openoffice.org	Version 2.3.1
Openoffice Openoffice.org	Version 2.3

Related CWEs

CWE-189

References (60)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=692

Source: cve@mitre.org

http://secunia.com/advisories/29844

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29852

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29864

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29871

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29910

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29913

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29987

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30100

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/30179

Source: cve@mitre.org

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200805-16.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-231661-1

Source: cve@mitre.org

http://www.debian.org/security/2008/dsa-1547

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2008:090

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2008:095

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2008_23_openoffice.html

Source: cve@mitre.org

http://www.openoffice.org/security/bulletin.html

Source: cve@mitre.org

http://www.openoffice.org/security/cves/CVE-2007-4770.html

Source: cve@mitre.org

http://www.openoffice.org/security/cves/CVE-2007-5745.html

Source: cve@mitre.org

http://www.openoffice.org/security/cves/CVE-2007-5746.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2008-0175.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-0176.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/28819

Source: cve@mitre.org

http://www.securitytracker.com/id?1019892

Source: cve@mitre.org

http://www.ubuntu.com/usn/usn-609-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1253/references

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1375/references

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/41861

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10249

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00448.html

Source: cve@mitre.org

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=692