National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2007-2834 Detail

Current Description

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

Source:  MITRE      Last Modified:  09/18/2007      View Analysis Description

Quick Info

CVE Dictionary Entry:
CVE-2007-2834
Original release date:
09/18/2007
Last revised:
10/10/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
9.3 HIGH
Vector:
(AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore:
10.0
Exploitability Subscore:
8.6
CVSS Version 2 Metrics:
Access Vector:
Network exploitable - Victim must voluntarily interact with attack mechanism
Access Complexity:
Medium
Authentication:
Not required to exploit
Impact Type:
Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://bugs.gentoo.org/show_bug.cgi?id=192818 External Source CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=192818
http://fedoranews.org/updates/FEDORA-2007-237.shtml External Source FEDORA FEDORA-2007-2372
http://fedoranews.org/updates/FEDORA-2007-700.shtml External Source FEDORA FEDORA-2007-700
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=593 External Source IDEFENSE 20070917 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities
http://lists.opensuse.org/opensuse-security-announce/2007-09/msg00002.html External Source SUSE SUSE-SA:2007:052
http://security.gentoo.org/glsa/glsa-200710-24.xml External Source GENTOO GLSA-200710-24
http://securitytracker.com/id?1018702 External Source SECTRACK 1018702
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102994-1 External Source SUNALERT 102994
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200190-1 External Source SUNALERT 200190
http://www.debian.org/security/2007/dsa-1375 Patch External Source DEBIAN DSA-1375
http://www.mandriva.com/security/advisories?name=MDKSA-2007:186 External Source MANDRIVA MDKSA-2007:186
http://www.openoffice.org/security/cves/CVE-2007-2834.html Patch External Source CONFIRM http://www.openoffice.org/security/cves/CVE-2007-2834.html
http://www.redhat.com/support/errata/RHSA-2007-0848.html Vendor Advisory External Source REDHAT RHSA-2007:0848
http://www.securityfocus.com/archive/1/archive/1/479965/100/0/threaded External Source BUGTRAQ 20070919 FLEA-2007-0056-1 openoffice.org
http://www.securityfocus.com/bid/25690 Patch External Source BID 25690
http://www.ubuntu.com/usn/usn-524-1 External Source UBUNTU USN-524-1
http://www.vupen.com/english/advisories/2007/3184 Vendor Advisory External Source VUPEN ADV-2007-3184
http://www.vupen.com/english/advisories/2007/3262 Vendor Advisory External Source VUPEN ADV-2007-3262
https://exchange.xforce.ibmcloud.com/vulnerabilities/36656 External Source XF openoffice-tiff-bo(36656)
https://issues.rpath.com/browse/RPL-1740 External Source CONFIRM https://issues.rpath.com/browse/RPL-1740
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9967 External Source OVAL oval:org.mitre.oval:def:9967

References to Check Content

Identifier:
oval:org.mitre.oval:def:9967
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9967

Technical Details

Vulnerability Type (View All)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
AND
OR
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:3:*:*:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*
OR
cpe:2.3:a:openoffice:openoffice:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:openoffice:openoffice:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:openoffice:openoffice:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sun:staroffice:6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:staroffice:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:staroffice:8.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:starsuite:*:*:*:*:*:*:*:*
Configuration 2
OR
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:3.0:*:desktop:*:*:*:*:*
cpe:2.3:o:redhat:linux:4.0:*:desktop:*:*:*:*:*

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History 3 change records found - show changes