Intrusion Prevention

OpenOffice.TIFF.File.Parsing.Integer.Overflow

Description

This indicates an attack attempt against a heap-overflow vulnerability in the TIFF parsing code of the OpenOffice suite.
The vulnerability is caused by the application's failure to properly check the bounds of user-supplied data. A remote attacker may exploit this to execute arbitrary code.

Affected Products

OpenOffice 2.2.1 and older
Sun StarOffice 6, 7, and 8

Impact

System compromise or denial of service

Recommended Actions

Upgrade to OpenOffice.org version 2.3.0:
http://download.openoffice.org/2.3.0/index.html?focus=download

CVE References

CVE-2007-2834