Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
Openoffice Openoffice.org 2.1 (not an official CPE)
Openoffice Openoffice.org 2.2.1 (not an official CPE)
Openoffice Openoffice.org 2.0.3 (not an official CPE)
Openoffice Openoffice.org 2.2 (not an official CPE)
Openoffice Openoffice.org 2.3 (not an official CPE)
Openoffice Openoffice.org 2.3.1 (not an official CPE)