The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 102994 Manipulated TIFF Files or Documents Containing Manipulated TIFF Files May Lead to Heap Overflows and Arbitrary Code Execution

Guest Author
Product: StarOffice 7 Office Suite, StarOffice 6.0 Office Suite, StarOffice 8 Office Suite

A security vulnerability with the way StarOffice/StarSuite 6, 7, and 8 process TIFF files may allow a remote unprivileged user who provides a StarOffice/StarSuite document that is opened by a local user to execute arbitrary commands on the system with the privileges of the user running StarOffice/StarSuite.

Sun acknowledges with thanks, an anonymous researcher working with the iDefense VCP (http://labs.idefense.com/vcp/).

This issue is also described in the following document:

Avoidance: Patch
State: Resolved
First released: 24-Sep-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.