Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 2 Jun 2011 16:01:38 -0400 (EDT)
From: Josh Bressers <>
Cc: Caolán McNamara <>,
        David Tardon <>,
        Evgeny Legerov <>,
        "Steven M. Christey" <>
Subject: Re: CVE Request -- -- InteVyDis Demo
 of OpenOffice 0day. Released with VulnDisco 8.8 pack (release date

----- Original Message -----
> Hello, Josh, Steve, vendors,
> A new security flaw, potentially allowing execution of arbitrary code
> with the privileges of the user running the suite tools
> has been reported by the InteVyDis security researchers team:
> [1]
> [2]!/legerov/status/75482755194032128
> References:
> [3]
> Unfortunately there doesn't seem to be further detailed information
> available right now. But from the Twitter post, looks this issue is
> still valid against v3.3.
> Hopefully Evgeny Legerov of InteVyDis security researchers team
> (Cc-ed)
> could provide further background information about this issue, i.e.
> if it is an old issue (like date of 2009 would suggest) and thus a CVE
> identifier has been already assigned to this issue or is this
> completely
> new issue (which did not get fixed from 2009 till now) and thus it
> requires a new CVE id.
> Evgeny, any further information you could provide here, to clear the CVE
> doubt is really appreciated.
> Once the CVE doubt cleared, could you allocate a CVE id for this issue?

I'd say this is plenty to give a CVE ID.

Use CVE-2011-2177



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ