Vulnerabilities > CVE-2013-2189 - Out-of-bounds Write vulnerability in Apache Openoffice
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows |
NASL id | OPENOFFICE_40.NASL |
description | The version of Apache OpenOffice installed on the remote host is prior to 4.0. It is, therefore, affected by memory corruption vulnerabilities related to the handling of PLCF (Plex of Character Positions in File) data and unknown XML elements in OOXML files. This can lead to application crashes and, potentially, other unspecified impacts. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 69185 |
published | 2013-08-01 |
reporter | This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/69185 |
title | Apache OpenOffice < 4.0 Multiple Memory Corruption Vulnerabilities |
code |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 61465 CVE(CAN) ID: CVE-2013-2189 Apache OpenOffice是开源办公软件套装。 OpenOffice 3.4.0、3.4.1处理畸形DOC文件内的PLCF数据会造成内存破坏,导致拒绝服务。 0 OpenOffice 3.4.0 - 3.4.1 厂商补丁: OpenOffice ---------- OpenOffice已经为此发布了一个安全公告(CVE-2013-2189)以及相应补丁: CVE-2013-2189:CVE-2013-2189 链接:http://www.openoffice.org/security/cves/CVE-2013-2189.html 补丁下载:http://download.openoffice.org/ |
id | SSV:60923 |
last seen | 2017-11-19 |
modified | 2013-07-30 |
published | 2013-07-30 |
reporter | Root |
title | Apache OpenOffice 文档内存破坏漏洞(CVE-2013-2189) |