Sun Alert 243226 Security Vulnerability in StarOffice/StarSuite Related to EMF Files May Lead to Heap Overflows and Arbitrary Code Execution

Product:

A security vulnerability with the way StarOffice/StarSuite 7 and 8 process EMF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.

This issue is described in the following document:

CVE-2008-2238 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2238

Sun acknowledges with thanks, an anonymous researcher working with the iDefense VCP (http://labs.idefense.com/vcp/) for bringing this issue to our attention.

State: Resolved
First released: 13-Nov-2008
Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today