Vulnerabilities > CVE-2009-0259 - Resource Management Errors vulnerability in Openoffice Openoffice.Org

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

openoffice

CWE-399

exploit available

NVD

Published: 2009-01-22

Updated: 2024-11-21

Summary

The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.

Vulnerable Configurations

Part	Description	Count
Application	Openoffice Openoffice Openoffice.Org 1.1.3 Openoffice Openoffice.Org 1.1.4 Openoffice Openoffice.Org 1.1.2 Openoffice Openoffice.Org 1.1.5	4

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	MS Windows Wordpad .doc File Local Denial of Service PoC. CVE-2008-4841,CVE-2009-0259. Dos exploit for windows platform
file	exploits/windows/dos/6560.txt
id	EDB-ID:6560
last seen	2016-02-01
modified	2008-09-25
platform	windows
port
published	2008-09-25
reporter	securfrog
source	https://www.exploit-db.com/download/6560/
title	Microsoft Windows Wordpad - .doc File Local Denial of Service PoC
type	dos

Statements

contributor	Tomas Hoger
lastmodified	2009-01-23
organization	Red Hat
statement	This issue can only result in an OpenOffice.org crash, not allowing arbitrary code execution. Red Hat does not consider a crash of a client application such as OpenOffice.org to be a security issue.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Statements

References