Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-2139

Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238.

Related bugs and status

CVE-2009-2139 (Candidate) is related to these bugs:

Bug #442740: Update OpenOffice to fix security vulnerabilities

Summary				In	Importance	Status
	442740	Update OpenOffice to fix security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

DEBIAN: DSA-1880
BID: 36291
SECUNIA: 36613
CONFIRM: http://cgit.freedeskto...
MLIST: [oss-security] 2009102...
SUSE: SUSE-SR:2009:015
MANDRIVA: MDVSA-2010:035
MANDRIVA: MDVSA-2010:091
MANDRIVA: MDVSA-2010:105
MLIST: [oss-security] 2009091...
MLIST: [oss-security] 2009091...
MLIST: [oss-security] 2009092...