CESA-2008-006 - rev 1
[See all my vulnerabilities at
http://scary.beasts.org/security]
[Blog if you want to subscribe to new findings is at
http://scarybeastsecurity.blogspot.com/]
OpenOffice PCX image format crash
Programs affected: OpenOffice 2.0 or so.
Version fixed: OpenOffice 2.4.1 seems unaffected.
Severity: Unknown
A kind of lame note, but I have a PCX image that used to crash out OpenOffice
but no longer does. I can't remember what the deal was; it's been well over
a year since I was playing with this.
Demo document: http://scary.beasts.org/misc/pcx.odt
OpenOffice supports an interesting and varied list of image formats. Someone
should go forth and hack them.
Credits
- Google - this flaw was discovered in Google's time. I'm with Google's
Security Team, and we're always recruiting talented security individuals.
Mail me.
CESA-2008-006 - rev 1
Chris Evans
scarybeasts@gmail.com