Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2007-2834

EPSS 15.20% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-2834

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenOffice TIFF文件解析器输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache OpenOffice是美国阿帕奇(Apache)基金会的一款开源的办公软件套件。该套件包含文本文档、电子表格、演示文稿、绘图、数据库等。 OpenOffice处理包含畸形数据的文档时存在输入验证错误漏洞,远程攻击者可能利用此漏洞通过诱使用户打开恶意文档控制用户系统。OpenOffice组件的TIFF解析代码在解析TIFF目录项的某些标签时,解析器使用了文件中不可信任的值计算所要分配的内存数,因此如果用户提供了特定值的话就会在计算中出现整数溢出,导致分配不充分的缓冲区,而这又会触发堆溢出。成功
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2007-2834

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2007-2834

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-09-18 · 51 CVEs total

CVE-2007-4943BaoFeng BaoFeng Storm 缓冲区溢出漏洞
CVE-2007-4927Axis Communications 207W网络摄像机We接口'axis-cgi/buffer/command.cgi'拒绝服务攻击漏洞
CVE-2007-4931HP系统管理主页不完整安装升级漏洞
CVE-2007-4932Shop-Script Shop-Script Shop-Script 输入验证漏洞
CVE-2007-4933Shop-Script Shop-Script Shop-Script 代码注入漏洞
CVE-2007-4934phpFFL PHPFFL_File_Root Parameter 多个远程文件包含漏洞
CVE-2007-4935PhpFFL代码注入漏洞
CVE-2007-4930Axis Communications 207W网络摄像机We接口跨站求情伪造漏洞
CVE-2007-4945LetterGrade 多个跨站脚本攻击漏洞
CVE-2007-4944Opera 9.22敏感信息泄露漏洞
CVE-2007-4946LetterGrade 敏感信息泄露漏洞
CVE-2007-4942Focus_SIS Focus_SIS Focus_SIS 代码注入漏洞
CVE-2007-4941KDE KDE KMPlayer 资源管理错误漏洞
CVE-2007-4940Media Player Classic Malformed AVI Header 多个远程漏洞
CVE-2007-4939Media Player Classic Malformed AVI Header 多个远程漏洞
CVE-2007-4938MPlayer AVIHeader.C Heap Based 缓冲区溢出漏洞
CVE-2007-4937CS-Guestbook Login Credentials 信息泄露漏洞
CVE-2007-4936SafeSquid Prior to 4.2.0 未明安全漏洞
CVE-2007-4137Trolltech Qt 缓冲区错误漏洞
CVE-2007-1865Redhat Redhat Enterprise_linux 数字错误漏洞

Showing top 20 of 51 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2007-2834

No comments yet

Leave a comment