FKIE_CVE-2009-2139

Vulnerability from fkie_nvd - Published: 2009-09-08 23:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238.
References
cve@mitre.orghttp://cgit.freedesktop.org/ooo-build/ooo-build/commit/?id=49b4e38571912a7d28c4044e5b2bd57e51c77d55
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
cve@mitre.orghttp://marc.info/?l=oss-security&m=125258116800739&w=2
cve@mitre.orghttp://marc.info/?l=oss-security&m=125265261125765&w=2
cve@mitre.orghttp://marc.info/?l=oss-security&m=125363445702917&w=2
cve@mitre.orghttp://secunia.com/advisories/36613Vendor Advisory
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1880Patch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:035
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:091
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2010:105
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2009/10/26/2
cve@mitre.orghttp://www.securityfocus.com/bid/36291
af854a3a-2127-422b-91ae-364da2661108http://cgit.freedesktop.org/ooo-build/ooo-build/commit/?id=49b4e38571912a7d28c4044e5b2bd57e51c77d55
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=125258116800739&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=125265261125765&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=oss-security&m=125363445702917&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36613Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1880Patch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:035
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:091
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:105
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2009/10/26/2
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36291
Impacted products
Vendor Product Version
sun openoffice.org 2.0.0
sun openoffice.org 2.0.3
sun openoffice.org 2.0.4
sun openoffice.org 2.1.0
sun openoffice.org 2.2.0
sun openoffice.org 2.2.1
sun openoffice.org 2.3.0
sun openoffice.org 2.3.1
sun openoffice.org 2.4.0
sun openoffice.org 2.4.1
sun openoffice.org 2.4.2
sun openoffice.org 2.4.3
sun openoffice.org 3.0.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F46C7F-E645-4F87-B897-431039A17BE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2693A016-B0D3-4B14-9EAF-D79623931CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB2CB19D-E988-4757-A06C-C10FA529822B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A76AAD8-2ACB-44C4-895A-FBA85058FC02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "71982BDE-67C3-4BEF-B878-CD5701F48983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "229AB3A5-5ED7-4B43-9116-E432BC139481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECD5BBAD-8555-4C89-9168-4DB54636D13A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2EA0695-7A9E-44C4-AF0C-070F4B974989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4E3D4EA-25F3-4EB9-A1E4-AD10315B6CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A78642E4-BBF6-4593-9666-42ED2145107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BA9E3C2-AF95-48D4-9329-7D0C424DCC1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F711CC8-3DD6-479B-AC6A-1AB3D90DE1CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:openoffice.org:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64366513-9A88-4D89-BB29-5B91781AA51C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238."
    },
    {
      "lang": "es",
      "value": "Hay un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en svtools/source/filter.vcl/wmf/enhwmf.cxx en Go-oo versiones 2.xy 3.x anterior a 3.0.1, anteriormente ooo-build y relacionado con OpenOffice.org (OOo), permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo EMF creado, un problema similar al CVE-2008-2238."
    }
  ],
  "id": "CVE-2009-2139",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-09-08T23:30:00.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://cgit.freedesktop.org/ooo-build/ooo-build/commit/?id=49b4e38571912a7d28c4044e5b2bd57e51c77d55"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=125258116800739\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=125265261125765\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=oss-security\u0026m=125363445702917\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36613"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1880"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:035"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:105"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/10/26/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cgit.freedesktop.org/ooo-build/ooo-build/commit/?id=49b4e38571912a7d28c4044e5b2bd57e51c77d55"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=125258116800739\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=125265261125765\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=oss-security\u0026m=125363445702917\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/10/26/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36291"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of openoffice.org and openoffice.org2 packages as shipped with Red Hat Enterprise Linux 3, 4, or 5.",
      "lastModified": "2009-09-10T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.