What is CVE-2008-0320?

CVE-2008-0320 is a vulnerability in N/a. Published 2008-04-17.

Is CVE-2008-0320 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-0320

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.

EPSS: 0.820 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

29913 (x_refsource_SECUNIA, third-party-advisory)
MDVSA-2008:090 (vendor-advisory, x_refsource_MANDRIVA)
RHSA-2008:0175 (x_refsource_REDHAT, vendor-advisory)
29852 (x_refsource_SECUNIA, third-party-advisory)
SUSE-SA:2008:023 (vendor-advisory, x_refsource_SUSE)
openoffice-ole-bo(41860) (vdb-entry, x_refsource_XF)
20080417 Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability (x_refsource_IDEFENSE, third-party-advisory)
29864 (x_refsource_SECUNIA, third-party-advisory)
29844 (x_refsource_SECUNIA, third-party-advisory)
GLSA-200805-16 (vendor-advisory, x_refsource_GENTOO)

Frequently asked questions

What is CVE-2008-0320?: CVE-2008-0320 is a vulnerability in N/a. Published 2008-04-17.
Is CVE-2008-0320 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.