Upstream information

CVE-2005-0941 at MITRE

Description

The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5.1
Vector AV:N/AC:H/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity High
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 130198, 76741, 83216

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • OpenOffice_org >= 1.1.3-0.20
  • OpenOffice_org-cs >= 1.1.3-0.20
  • OpenOffice_org-da >= 1.1.3-0.20
  • OpenOffice_org-de >= 1.1.3-0.20
  • OpenOffice_org-en >= 1.1.3-0.20
  • OpenOffice_org-en-help >= 1.1.3-0.20
  • OpenOffice_org-es >= 1.1.3-0.20
  • OpenOffice_org-fi >= 1.1.3-0.20
  • OpenOffice_org-fr >= 1.1.3-0.20
  • OpenOffice_org-gnome >= 1.1.3-0.20
  • OpenOffice_org-hu >= 1.1.3-0.20
  • OpenOffice_org-it >= 1.1.3-0.20
  • OpenOffice_org-ja >= 1.1.3-0.20
  • OpenOffice_org-kde >= 1.1.3-0.20
  • OpenOffice_org-pl >= 1.1.3-0.20
  • OpenOffice_org-pt >= 1.1.3-0.20
  • OpenOffice_org-ru >= 1.1.3-0.20
  • OpenOffice_org-sk >= 1.1.3-0.20
  • OpenOffice_org-sv >= 1.1.3-0.20
  • OpenOffice_org-zh-CN >= 1.1.3-0.20
  • OpenOffice_org-zh-TW >= 1.1.3-0.20
Builds
YOU Patch Nr: 10016
SuSE Linux Desktop 1.0
  • OpenOffice_org >= 1.1-100
  • OpenOffice_org-cs >= 1.1-100
  • OpenOffice_org-de >= 1.1-100
  • OpenOffice_org-en >= 1.1-100
  • OpenOffice_org-fr >= 1.1-100
  • OpenOffice_org-it >= 1.1-100
  • OpenOffice_org-nl >= 1.1-100
Builds
SUSE LINUX 9.3
  • OpenOffice_org >= 1.9.79-9.2
  • OpenOffice_org-ar >= 1.9.79-9.2
  • OpenOffice_org-ca >= 1.9.79-9.2
  • OpenOffice_org-cs >= 1.9.79-9.2
  • OpenOffice_org-da >= 1.9.79-9.2
  • OpenOffice_org-de >= 1.9.79-9.2
  • OpenOffice_org-de-templates >= 8.2-157
  • OpenOffice_org-el >= 1.9.79-9.2
  • OpenOffice_org-es >= 1.9.79-9.2
  • OpenOffice_org-et >= 1.9.79-9.2
  • OpenOffice_org-fi >= 1.9.79-9.2
  • OpenOffice_org-fr >= 1.9.79-9.2
  • OpenOffice_org-gnome >= 1.9.79-9.2
  • OpenOffice_org-hu >= 1.9.79-9.2
  • OpenOffice_org-it >= 1.9.79-9.2
  • OpenOffice_org-ja >= 1.9.79-9.2
  • OpenOffice_org-kde >= 1.9.79-9.2
  • OpenOffice_org-ko >= 1.9.79-9.2
  • OpenOffice_org-nl >= 1.9.79-9.2
  • OpenOffice_org-pl >= 1.9.79-9.2
  • OpenOffice_org-pt >= 1.9.79-9.2
  • OpenOffice_org-ru >= 1.9.79-9.2
  • OpenOffice_org-sk >= 1.9.79-9.2
  • OpenOffice_org-sl >= 1.9.79-9.2
  • OpenOffice_org-sv >= 1.9.79-9.2
  • OpenOffice_org-tr >= 1.9.79-9.2
  • OpenOffice_org-zh-CN >= 1.9.79-9.2
  • OpenOffice_org-zh-TW >= 1.9.79-9.2
SUSE LINUX 9.3
  • OpenOffice_org1 >= 1.1.3-4.2
  • OpenOffice_org1-ar >= 1.1.3-4.2
  • OpenOffice_org1-ca >= 1.1.3-4.2
  • OpenOffice_org1-cs >= 1.1.3-4.2
  • OpenOffice_org1-da >= 1.1.3-4.2
  • OpenOffice_org1-de >= 1.1.3-4.2
  • OpenOffice_org1-el >= 1.1.3-4.2
  • OpenOffice_org1-en >= 1.1.3-4.2
  • OpenOffice_org1-en-help >= 1.1.3-4.2
  • OpenOffice_org1-es >= 1.1.3-4.2
  • OpenOffice_org1-et >= 1.1.3-4.2
  • OpenOffice_org1-fi >= 1.1.3-4.2
  • OpenOffice_org1-fr >= 1.1.3-4.2
  • OpenOffice_org1-gnome >= 1.1.3-4.2
  • OpenOffice_org1-hu >= 1.1.3-4.2
  • OpenOffice_org1-it >= 1.1.3-4.2
  • OpenOffice_org1-ja >= 1.1.3-4.2
  • OpenOffice_org1-kde >= 1.1.3-4.2
  • OpenOffice_org1-ko >= 1.1.3-4.2
  • OpenOffice_org1-nl >= 1.1.3-4.2
  • OpenOffice_org1-pl >= 1.1.3-4.2
  • OpenOffice_org1-pt >= 1.1.3-4.2
  • OpenOffice_org1-ru >= 1.1.3-4.2
  • OpenOffice_org1-sk >= 1.1.3-4.2
  • OpenOffice_org1-sl >= 1.1.3-4.2
  • OpenOffice_org1-sv >= 1.1.3-4.2
  • OpenOffice_org1-tr >= 1.1.3-4.2
  • OpenOffice_org1-zh-CN >= 1.1.3-4.2
  • OpenOffice_org1-zh-TW >= 1.1.3-4.2
SUSE LINUX 9.3
  • OpenOffice_org >= 1.9.125-4.1
  • OpenOffice_org-Quickstarter >= 1.0-471.3
  • OpenOffice_org-ar >= 1.9.125-4.1
  • OpenOffice_org-ca >= 1.9.125-4.1
  • OpenOffice_org-cs >= 1.9.125-4.1
  • OpenOffice_org-da >= 1.9.125-4.1
  • OpenOffice_org-de >= 1.9.125-4.1
  • OpenOffice_org-el >= 1.9.125-4.1
  • OpenOffice_org-es >= 1.9.125-4.1
  • OpenOffice_org-et >= 1.9.125-4.1
  • OpenOffice_org-fi >= 1.9.125-4.1
  • OpenOffice_org-fr >= 1.9.125-4.1
  • OpenOffice_org-gnome >= 1.9.125-4.1
  • OpenOffice_org-hu >= 1.9.125-4.1
  • OpenOffice_org-it >= 1.9.125-4.1
  • OpenOffice_org-ja >= 1.9.125-4.1
  • OpenOffice_org-kde >= 1.9.125-4.1
  • OpenOffice_org-ko >= 1.9.125-4.1
  • OpenOffice_org-nl >= 1.9.125-4.1
  • OpenOffice_org-pl >= 1.9.125-4.1
  • OpenOffice_org-pt >= 1.9.125-4.1
  • OpenOffice_org-ru >= 1.9.125-4.1
  • OpenOffice_org-sk >= 1.9.125-4.1
  • OpenOffice_org-sl >= 1.9.125-4.1
  • OpenOffice_org-sv >= 1.9.125-4.1
  • OpenOffice_org-tr >= 1.9.125-4.1
  • OpenOffice_org-zh-CN >= 1.9.125-4.1
  • OpenOffice_org-zh-TW >= 1.9.125-4.1
  • ooqstart >= 0.8.3-266.3