Re: CVE Request -- openoffice.org (CVE-2008-4841)

["Steven M. Christey" <coley () linus mitre org>]

On Wed, 21 Jan 2009, Jan Lieskovsky wrote:

> What's the strategy in this case -- will we need a new CVE-2008 id
> for this issue && the openoffice.org1 case? (And if so, could
> you allocate one?)

A new one is needed since (I assume) it's not a shared codebase between
Microsoft and the Linux distros.  A 2009 number is being used since the
announcement for this particular product was made in 2009.

Consider buffer overflows in FTP servers with a long username - same exact
bug, but at least 20 different implementations have been hit with it so
far.

Use CVE-2009-0259

- Steve

======================================================
Name: CVE-2009-0259
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0259
Reference: MILW0RM:6560
Reference: URL:http://www.milw0rm.com/exploits/6560
Reference: MISC:http://milw0rm.com/sploits/2008-crash.doc.rar
Reference: MLIST:[oss-security] 20090121 CVE Request -- openoffice.org (CVE-2008-4841)
Reference: URL:http://www.openwall.com/lists/oss-security/2009/01/21/9

The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows
remnote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf
Word 97 file that triggers memory corruption, as exploited in the wild
in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar
issue to CVE-2008-4841.