CVE-2007-0245

{"id": "CVE-2007-0245", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-06-12T21:30:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/35378", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25648", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25650", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25673", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25705", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25862", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25894", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25905", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26010", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26022", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26476", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102917-1", "source": "cve@mitre.org"}, {"url": "http://sw.openoffice.org/source/browse/sw/sw/source/filter/rtf/swparrtf.cxx?rev=1.67", "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2007/dsa-1307", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml", "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:144", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2007_37_openoffice.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0406.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/471274/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24450", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018239", "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-482-1", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2166", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2229", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34843", "source": "cve@mitre.org"}, {"url": "https://issues.rpath.com/browse/RPL-1570", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10002", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en OpenOffice.org (OOo) versi\u00f3n 2.2.1 y anteriores permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo RTF con una etiqueta prtdata creada con una incoherencia de par\u00e1metro length, lo que causa que las entradas de vtable se sobrescriban."}], "lastModified": "2018-10-16T16:32:00.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openoffice:openoffice:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD147419-4F40-4CC7-B372-C1B69260DCA3", "versionEndIncluding": "2.2.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}