CVE-2008-2238

Publication date 30 October 2008

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
openoffice.org	8.10 intrepid	Fixed 1:2.4.1-11ubuntu2.1
	8.04 LTS hardy	Fixed 1:2.4.1-1ubuntu2.1
	7.10 gutsy	Fixed 1:2.3.0-1ubuntu5.5
	7.04 feisty	Ignored end of life, was needed
	6.06 LTS dapper	Fixed 2.0.2-2ubuntu12.7
openoffice.org-amd64	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	6.06 LTS dapper	Fixed 2.0.2-2ubuntu12.7-2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-677-1
OpenOffice.org vulnerabilities
26 November 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2008-2238