The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-05-02 04:00
Updated : 2024-02-04 16:52
NVD link : CVE-2005-0941
Mitre link : CVE-2005-0941
CVE.ORG link : CVE-2005-0941
JSON object : View
Products Affected
openoffice
- openoffice
CWE