BugTraq
Hellcode Research: OpenOffice File Parsing Null Pointer Vulnerability Jan 14 2010 09:28AM
karakorsankara hotmail com
Release Date:

2010-01-14

Product:

OpenOffice

Tested Vulnerable Versions:

3.1.1 and 3.1.0

Vulnerability:

Null Pointer

Description:

Hellcode Research discovered a null pointer vulnerability in Openoffice for Windows.

Opening a malformed ".csv" file with Openoffice, causes a crash on "soffice.bin"

PoC:

http://tcc.hellcode.net/sploitz/csv.rar

Credits:

Hellcode Research

The Computer Cheats (TCC)

Natal Networks

Urls:

tcc.hellcode.net

forum.hellcode.net

www.natalnetworks.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus