Vulnerabilities

EMF parser implementation in OpenOffice.org (OOo) in SUSE openSUSE 10.3... (PC1-2009-2503)

Vulnerability chart	Risk level Low Medium High Extreme Severe Warning: security vulnerability level = low 23 vulnerabilities(-y) found between 31 October, 2000 and 6 October, 2009. OpenOffice.org (OO.o or OOo) generally identified as OpenOffice points to an... more See also: The OpenOffice Buffer overflow vulnerability exists in the EMF parser implementation in OpenOffice.org (OOo) in SUSE openSUSE 10.3 through 11.1, Novell Linux Desktop (NLD) 9, and SUSE Linux Enterprise (SLE) 10 and 11.
Remote Access Unknown patch availability Patch implementation unknown

Description:	It has unidentified influence and remote attack vectors, associated with enhwmf.cxx and emfplus.cxx.
Impact:	With the help of this type of vulnerability, malicious users are enabled to leak information, made changes without any authorization and break up a service.
Solution:
References:	http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html

CVSS Severity		CVSS Version 2 Metrics:
CVSS v2 Base Score:	9.3 (HIGH)	Access Vector:	N/A
Impact Subscore:	10.0	Access Complexity:	Medium
Exploitability Subscore:	8.6	Authentication:	Not required to exploit
		Impact Type:	Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service