Vulnerability Details : CVE-2009-2949
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2009-2949
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
Threat overview for CVE-2009-2949
Top open port discovered on systems with this issue: 5555
IPs affected by CVE-2009-2949: 121
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2009-2949
64.56%: probability of exploitation activity in the next 30 days
~98%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2949
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2009-2949
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2949
- http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html
  [security-announce] SUSE Security Announcement: OpenOffice.org (SUSE-SA:
  Tags: Third Party Advisory
- http://www.vupen.com/english/advisories/2010/2905
  Webmail | OVH- OVH
  Tags: Broken Link
- http://www.redhat.com/support/errata/RHSA-2010-0101.html
  Support
  Tags: Broken Link
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10176
  Repository / Oval Repository
  Tags: Tool Signature
- http://www.vupen.com/english/advisories/2010/0635
  Webmail | OVH- OVH
  Tags: Broken Link
- http://securitytracker.com/id?1023591
  Tags: Broken Link; Third Party Advisory; VDB Entry
- http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
  Oracle Critical Patch Update - October 2010
  Tags: Third Party Advisory
- http://www.vupen.com/english/advisories/2010/0366
  Webmail : Solution de messagerie professionnelle - OVHcloud- OVH
  Tags: Broken Link; Patch
- http://www.us-cert.gov/cas/techalerts/TA10-287A.html
  Oracle Updates for Multiple Vulnerabilities | CISA
  Tags: Third Party Advisory; US Government Resource
- http://www.securityfocus.com/bid/38218
  Bugtraq
  Tags: Broken Link; Third Party Advisory; VDB Entry
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:221
  mandriva.com
  Tags: Broken Link
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56236
  OpenOffice.org XPM file buffer overflow CVE-2009-2949 Vulnerability Report
  Tags: Third Party Advisory; VDB Entry
- https://bugzilla.redhat.com/show_bug.cgi?id=527540
  527540 – (CVE-2009-2949) CVE-2009-2949 openoffice.org: integer overflow in XPM processing
  Tags: Issue Tracking; Third Party Advisory
- http://www.ubuntu.com/usn/USN-903-1
  USN-903-1: OpenOffice.org vulnerabilities | Ubuntu security notices
  Tags: Third Party Advisory
- http://www.openoffice.org/security/cves/CVE-2009-2949.html
  CVE-2009-2949
  Tags: Vendor Advisory
- http://www.openoffice.org/security/bulletin.html
  Apache OpenOffice Security Team Bulletin
  Tags: Vendor Advisory
- http://www.debian.org/security/2010/dsa-1995
  Debian -- Security Information -- DSA-1995-1 openoffice.org
  Tags: Third Party Advisory
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
  OpenOffice, LibreOffice: Multiple vulnerabilities (GLSA 201408-19) — Gentoo security
  Tags: Third Party Advisory