[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability
- From: karakorsankara@xxxxxxxxxxx
- Date: 14 Jan 2010 09:28:20 -0000
Release Date:
2010-01-14
Product:
OpenOffice
Tested Vulnerable Versions:
3.1.1 and 3.1.0
Vulnerability:
Null Pointer
Description:
Hellcode Research discovered a null pointer vulnerability in Openoffice for
Windows.
Opening a malformed ".csv" file with Openoffice, causes a crash on "soffice.bin"
PoC:
http://tcc.hellcode.net/sploitz/csv.rar
Credits:
Hellcode Research
The Computer Cheats (TCC)
Natal Networks
Urls:
tcc.hellcode.net
forum.hellcode.net
www.natalnetworks.com