Date: Wed, 11 Aug 2010 12:37:27 +0200 From: Jan Lieskovsky <jlieskov@...hat.com> To: "Steven M. Christey" <coley@...us.mitre.org> CC: oss-security <oss-security@...ts.openwall.com>, Caolan McNamara <caolanm@...hat.com>, David Tardon <dtardon@...hat.com>, Malte Timmermann <malte.timmermann@...cle.com> Subject: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow Hi Steve, vendors, two security flaws have been reported against OpenOffice.org's Impress tool:  http://securityevaluators.com/files/papers/CrashAnalysis.pdf A, an integer truncation error, leading to heap-based buffer overflow when processing dictionary property items of the input *.ppt file: References:  https://bugzilla.redhat.com/show_bug.cgi?id=622529  http://secunia.com/advisories/40775/  http://securityevaluators.com/files/papers/CrashAnalysis.pdf  http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690 B, a short integer overflow, leading to heap-based buffer overflow, when processing *.ppt document with too big polygons References:  https://bugzilla.redhat.com/show_bug.cgi?id=622555  http://secunia.com/advisories/40775/  http://securityevaluators.com/files/papers/CrashAnalysis.pdf  http://www.openoffice.org/servlets/ReadMsg?list=dev&msgNo=27690 Could you allocate CVE ids for these two issues? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ