Intrusion Prevention

OpenOffice.SwRTFParser.ReadPrtData.Function.Command.Execution

Description

This indicates a possible exploit of a heap overflow vulnerability in OpenOffice, which is caused by a flaw in the "SwRTFParser::ReadPrtData()" [filter/rtf/swparrtf.cxx] function when it handles a "prtdata" tag.

Affected Products

OpenOffice.org version 2.2.0 and prior.

Impact

System compromise, remote code execution.

Recommended Actions

Upgrade to the latest version, available from the Web site.
http://download.openoffice.org/index.html

CVE References

CVE-2007-0245 CVE-2007-2754