CVE-2008-2237 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Vendor	Product	Version
openoffice	openoffice.org	𝑥 ≤ 2.4.1
openoffice	openoffice.org	2.0
openoffice	openoffice.org	2.0.2
openoffice	openoffice.org	2.0.3
openoffice	openoffice.org	2.0.4
openoffice	openoffice.org	2.1
openoffice	openoffice.org	2.2
openoffice	openoffice.org	2.2.1
openoffice	openoffice.org	2.3
openoffice	openoffice.org	2.3.1
openoffice	openoffice.org	2.4
openoffice	openoffice.org	2.4.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

openoffice.org

intrepid	Fixed 1:2.4.1-11ubuntu2.1 released
hardy	Fixed 1:2.4.1-1ubuntu2.1 released
gutsy	Fixed 1:2.3.0-1ubuntu5.5 released
dapper	Fixed 2.0.2-2ubuntu12.7 released

openoffice.org-amd64

intrepid	dne
hardy	dne
gutsy	dne
dapper	Fixed 2.0.2-2ubuntu12.7-2 released

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

http://neowiki.neooffice.org/index.php/NeoOffice_2.2.5_Patch_3_New_Features#Security_fixes

http://secunia.com/advisories/32419

http://secunia.com/advisories/32461

http://secunia.com/advisories/32463

http://secunia.com/advisories/32489

http://secunia.com/advisories/32676

http://secunia.com/advisories/32856

http://secunia.com/advisories/32872

http://secunia.com/advisories/33140

http://security.gentoo.org/glsa/glsa-200812-13.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-242627-1

http://www.debian.org/security/2008/dsa-1661

http://www.openoffice.org/security/cves/CVE-2008-2237.html

http://www.redhat.com/support/errata/RHSA-2008-0939.html

http://www.securityfocus.com/bid/31962

http://www.securitytracker.com/id?1021120

http://www.ubuntu.com/usn/usn-677-1

http://www.ubuntu.com/usn/usn-677-2

http://www.vupen.com/english/advisories/2008/2947

http://www.vupen.com/english/advisories/2008/3103

https://exchange.xforce.ibmcloud.com/vulnerabilities/46165

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10784

https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00905.html

https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00923.html

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

http://neowiki.neooffice.org/index.php/NeoOffice_2.2.5_Patch_3_New_Features#Security_fixes

http://secunia.com/advisories/32419

http://secunia.com/advisories/32461

http://secunia.com/advisories/32463

http://secunia.com/advisories/32489

http://secunia.com/advisories/32676

http://secunia.com/advisories/32856

http://secunia.com/advisories/32872

http://secunia.com/advisories/33140

http://security.gentoo.org/glsa/glsa-200812-13.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-242627-1

http://www.debian.org/security/2008/dsa-1661

http://www.openoffice.org/security/cves/CVE-2008-2237.html

http://www.redhat.com/support/errata/RHSA-2008-0939.html

http://www.securityfocus.com/bid/31962

http://www.securitytracker.com/id?1021120

http://www.ubuntu.com/usn/usn-677-1

http://www.ubuntu.com/usn/usn-677-2

http://www.vupen.com/english/advisories/2008/2947

http://www.vupen.com/english/advisories/2008/3103

https://exchange.xforce.ibmcloud.com/vulnerabilities/46165

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10784

https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00905.html

https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00923.html