https://bugzilla.novell.com/show_bug.cgi?id=302495 Summary: OpenOffice.org TIFF File Parsing nNumStripOffsets Heap Overflow Vulnerability Product: openSUSE 10.3 Version: Beta 1 Platform: All OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: pmladek@novell.com QAContact: qa@suse.de Found By: --- The OpenOffice.org security team was informaed about a vulenrability by iDefense: --- cut --- PLEASE NOTE THIS A RE-SEND WITHOUT PROOF-OF-CONCEPT CODE. IF YOU REQUIRE THE POC PLEASE REQUEST IT. We originally tried to contact the OO security team on 5/1. This is our second attempt. PS. Do you have a PGP/GPG public key? iDefense has identified two vulnerabilities in a OpenOffice.org product. This vulnerability was submitted to iDefense through our Vulnerability Contributor Program: http://www.idefense.com/vcp/ iDefense Labs has validated this vulnerability and has drafted the attached advisory. Additionally, we have provided proof-of-concept code within poc.zip. The password for this archive is 'proof-of-concept' without single quotes. In accordance with our vendor disclosure policy (http://www.idefense.com/legal.php#disclosure), we request that you acknowledge receipt of this initial notification within five business days. Our intent is to begin the process of coordinating an appropriate public disclosure date for this issue that will provide your company with adequate time to develop a patch or workaround to mitigate this vulnerability. If you have questions regarding this issue or require further details to assist with your own analysis, please do not hesitate to contact us. It is always our goal to coordinate on the public disclosure of patches/advisories as quickly as possible after a vulnerability is discovered. If however a reasonable time-frame cannot be agreed upon for this issue, it will be publicly released in 60 days on 06/30/2007. iDefense is willing to work with a vendor to find a mutually agreeable release date beyond this time-frame so long as the vendor continues to make good faith efforts to produce patches in a timely fashion and regularly informs iDefense of their progress in doing so. Please note that if the affected product is included within other applications and/or operating systems, iDefense will not be coordinating disclosure of the vulnerability to affected third parties. We ask that you handle this coordination separately. Regards, Joshua J. Drake iDefense Labs --- cut --- -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.