34 lines
No EOL
516 B
Text
34 lines
No EOL
516 B
Text
Product:
|
|
|
|
OpenOffice
|
|
|
|
Tested Vulnerable Versions:
|
|
|
|
3.1.1 and 3.1.0
|
|
|
|
Vulnerability:
|
|
|
|
Null Pointer
|
|
|
|
Description:
|
|
|
|
Hellcode Research discovered a null pointer vulnerability in Openoffice for
|
|
Windows.
|
|
|
|
Opening a malformed ".slk" file with Openoffice, causes a crash on
|
|
"soffice.bin"
|
|
|
|
PoC:
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11192.rar (slk.rar)
|
|
|
|
Credits:
|
|
karak0rsan and murderkey from Hellcode Research
|
|
|
|
The Computer Cheats (TCC)
|
|
|
|
Urls:
|
|
|
|
tcc.hellcode.net
|
|
|
|
forum.hellcode.net |