Mailinglist Archive: opensuse-bugs (15837 mails)

< Previous Next >
[Bug 302495] New: OpenOffice. org TIFF File Parsing nNumStripOffsets Heap Overflow Vulnerability
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 22 Aug 2007 06:58:21 -0600 (MDT)
  • Message-id: <bug-302495-21960@xxxxxxxxxxxxxxxxxxxxxxxxx/>
https://bugzilla.novell.com/show_bug.cgi?id=302495

           Summary: OpenOffice.org TIFF File Parsing nNumStripOffsets Heap
                    Overflow Vulnerability
           Product: openSUSE 10.3
           Version: Beta 1
          Platform: All
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Security
        AssignedTo: security-team@xxxxxxx
        ReportedBy: pmladek@xxxxxxxxxx
         QAContact: qa@xxxxxxx
          Found By: ---


The OpenOffice.org security team was informaed about a vulenrability by
iDefense:

--- cut ---
PLEASE NOTE THIS A RE-SEND WITHOUT PROOF-OF-CONCEPT CODE.  IF YOU
REQUIRE THE POC PLEASE REQUEST IT.  We originally tried to contact the
OO security team on 5/1.  This is our second attempt.

PS. Do you have a PGP/GPG public key?

iDefense has identified two vulnerabilities in a OpenOffice.org product.
This vulnerability was submitted to iDefense through our Vulnerability
Contributor Program:

    http://www.idefense.com/vcp/

iDefense Labs has validated this vulnerability and has drafted the
attached advisory.  Additionally, we have provided proof-of-concept code
within poc.zip.  The password for this archive is 'proof-of-concept'
without single quotes.

In accordance with our vendor disclosure policy
(http://www.idefense.com/legal.php#disclosure), we request that you
acknowledge receipt of this initial notification within five business
days. Our intent is to begin the process of coordinating an appropriate
public disclosure date for this issue that will provide your company
with adequate time to develop a patch or workaround to mitigate this
vulnerability. If you have questions regarding this issue or require
further details to assist with your own analysis, please do not hesitate
to contact us.

It is always our goal to coordinate on the public disclosure of
patches/advisories as quickly as possible after a vulnerability is
discovered. If however a reasonable time-frame cannot be agreed upon for
this issue, it will be publicly released in 60 days on 06/30/2007.
iDefense is willing to work with a vendor to find a mutually agreeable
release date beyond this time-frame so long as the vendor continues to
make good faith efforts to produce patches in a timely fashion and
regularly informs iDefense of their progress in doing so.

Please note that if the affected product is included within other
applications and/or operating systems, iDefense will not be coordinating
disclosure of the vulnerability to affected third parties. We ask that
you handle this coordination separately.

Regards,

Joshua J. Drake
iDefense Labs
--- cut ---


-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >