Vulnerabilities > CVE-2013-2189 - Out-of-bounds Write vulnerability in Apache Openoffice

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

apache

CWE-787

nessus

NVD

Published: 2013-07-31

Updated: 2022-02-07

Summary

Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Openoffice - Apache Openoffice 1.0.2 Apache Openoffice 1.0.3 Apache Openoffice 1.1.0 Apache Openoffice 1.1.4 Apache Openoffice 1.1.5 Apache Openoffice 2.0.0 Apache Openoffice 2.0.1 Apache Openoffice 2.0.2 Apache Openoffice 2.0.3 Apache Openoffice 2.0.4 Apache Openoffice 2.1.0 Apache Openoffice 2.2.0 Apache Openoffice 2.2.1 Apache Openoffice 2.3.0 Apache Openoffice 2.3.1 Apache Openoffice 2.4.0 Apache Openoffice 2.4.1 Apache Openoffice 2.4.2 Apache Openoffice 2.4.3 Apache Openoffice 3.0.0 Apache Openoffice 3.0.1 Apache Openoffice 3.1.0 Apache Openoffice 3.1.1 Apache Openoffice 3.2.0 Apache Openoffice 3.2.1 Apache Openoffice 3.3.0 Apache Openoffice 3.4.0 Apache Openoffice 3.4.1	31

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Nessus

NASL family	Windows
NASL id	OPENOFFICE_40.NASL
description	The version of Apache OpenOffice installed on the remote host is prior to 4.0. It is, therefore, affected by memory corruption vulnerabilities related to the handling of PLCF (Plex of Character Positions in File) data and unknown XML elements in OOXML files. This can lead to application crashes and, potentially, other unspecified impacts.
last seen	2020-06-01
modified	2020-06-02
plugin id	69185
published	2013-08-01
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/69185
title	Apache OpenOffice < 4.0 Multiple Memory Corruption Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(69185); script_version("1.8"); script_cvs_date("Date: 2019/11/27"); script_cve_id("CVE-2013-2189", "CVE-2013-4156"); script_bugtraq_id(61465, 61468); script_name(english:"Apache OpenOffice < 4.0 Multiple Memory Corruption Vulnerabilities"); script_summary(english:"Checks the version of Apache OpenOffice."); script_set_attribute(attribute:"synopsis", value: "The remote Windows host has a program affected by multiple memory corruption vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Apache OpenOffice installed on the remote host is prior to 4.0. It is, therefore, affected by memory corruption vulnerabilities related to the handling of PLCF (Plex of Character Positions in File) data and unknown XML elements in OOXML files. This can lead to application crashes and, potentially, other unspecified impacts."); script_set_attribute(attribute:"see_also", value:"http://www.openoffice.org/security/cves/CVE-2013-2189.html"); script_set_attribute(attribute:"see_also", value:"http://www.openoffice.org/security/cves/CVE-2013-4156.html"); script_set_attribute(attribute:"see_also", value:"https://blogs.apache.org/OOo/entry/a_short_celebration_and_then"); script_set_attribute(attribute:"solution", value: "Upgrade to Apache OpenOffice version 4.0 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-4156"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/07/23"); script_set_attribute(attribute:"patch_publication_date", value:"2013/07/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:openoffice"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("openoffice_installed.nasl"); script_require_keys("SMB/OpenOffice/Build"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); build = get_kb_item_or_exit("SMB/OpenOffice/Build"); path = get_kb_item("SMB/OpenOffice/Path"); version_ui = get_kb_item("SMB/OpenOffice/Version_UI"); matches = eregmatch(string:build, pattern:"([0-9]+[a-z][0-9]+)\(Build:([0-9]+)\)"); if (isnull(matches)) audit(AUDIT_VER_FAIL, "OpenOffice"); buildid = int(matches[2]); if (buildid <= 9593) { port = get_kb_item("SMB/transport"); if (!port) port = 445; if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + version_ui + '\n Fixed version : 4.0 (400m3 / build 9702)' + '\n'; security_warning(port:port, extra:report); } else security_warning(port); exit(0); } else audit(AUDIT_INST_PATH_NOT_VULN, "OpenOffice", version_ui, path);

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 61465 CVE(CAN) ID: CVE-2013-2189 Apache OpenOffice是开源办公软件套装。 OpenOffice 3.4.0、3.4.1处理畸形DOC文件内的PLCF数据会造成内存破坏，导致拒绝服务。 0 OpenOffice 3.4.0 - 3.4.1 厂商补丁： OpenOffice ---------- OpenOffice已经为此发布了一个安全公告（CVE-2013-2189）以及相应补丁: CVE-2013-2189：CVE-2013-2189 链接：http://www.openoffice.org/security/cves/CVE-2013-2189.html 补丁下载：http://download.openoffice.org/
id	SSV:60923
last seen	2017-11-19
modified	2013-07-30
published	2013-07-30
reporter	Root
title	Apache OpenOffice 文档内存破坏漏洞(CVE-2013-2189)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Seebug

References