CVE-2007-2834

critical Apache
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
14.7%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: September 18, 2007 (6812 days ago)
Last Modified: April 23, 2026
Vendor: Apache
Source: NVD

Description

Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.

CWE

CWE-190

Affected Products

apache openofficesun starofficesun starsuitedebian debian linuxcanonical ubuntu linux

References

🔗 bugs.gentoo.org 🔗 fedoranews.org 🔗 fedoranews.org 🔗 labs.idefense.com 🔗 lists.opensuse.org