CVE-2007-0002

EPSS 9.1%

openoffice.org - several vulnerabilities

Published: 3/16/2007Modified: 4/28/2026

Description

Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.

Affected packages (3)

Debian/libwpdfrom 0, < 0.8.9-1
Debian/libwpdfrom 0, < 0.8.1-1sarge1
Debian/openoffice.orgfrom 0, < 1.1.3-9sarge6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-0002