34 lines
No EOL
558 B
Text
34 lines
No EOL
558 B
Text
Product:
|
|
|
|
OpenOffice
|
|
|
|
Tested Vulnerable Versions:
|
|
|
|
3.1.1 and 3.1.0
|
|
|
|
Vulnerability:
|
|
|
|
Null Pointer
|
|
|
|
Description:
|
|
|
|
Hellcode Research discovered a null pointer vulnerability in Openoffice for
|
|
Windows.
|
|
|
|
Opening a malformed ".slk" file with Openoffice, causes a crash on
|
|
"soffice.bin"
|
|
|
|
PoC:
|
|
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/11192.rar (slk.rar)
|
|
|
|
Credits:
|
|
karak0rsan and murderkey from Hellcode Research
|
|
|
|
The Computer Cheats (TCC)
|
|
|
|
Urls:
|
|
|
|
tcc.hellcode.net
|
|
|
|
forum.hellcode.net |