Unrated severityNVD Advisory· Published Oct 30, 2008· Updated Apr 23, 2026
CVE-2008-2238
CVE-2008-2238
Description
Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.
Affected products
12cpe:2.3:a:openoffice:openoffice.org:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:openoffice:openoffice.org:*:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:openoffice:openoffice.org:2.4.1:*:64-bit:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- www.debian.org/security/2008/dsa-1661nvdPatch
- www.openoffice.org/security/cves/CVE-2008-2238.htmlnvdPatch
- www.securityfocus.com/bid/31962nvdPatch
- secunia.com/advisories/32419nvdVendor Advisory
- secunia.com/advisories/32461nvdVendor Advisory
- secunia.com/advisories/32489nvdVendor Advisory
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.htmlnvd
- neowiki.neooffice.org/index.php/NeoOffice_2.2.5_Patch_3_New_Featuresnvd
- secunia.com/advisories/32463nvd
- secunia.com/advisories/32676nvd
- secunia.com/advisories/32856nvd
- secunia.com/advisories/32872nvd
- secunia.com/advisories/33140nvd
- security.gentoo.org/glsa/glsa-200812-13.xmlnvd
- sunsolve.sun.com/search/document.donvd
- www.redhat.com/support/errata/RHSA-2008-0939.htmlnvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-677-1nvd
- www.ubuntu.com/usn/usn-677-2nvd
- www.vupen.com/english/advisories/2008/2947nvd
- www.vupen.com/english/advisories/2008/3103nvd
- www.vupen.com/english/advisories/2008/3153nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46166nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10849nvd
- www.redhat.com/archives/fedora-package-announce/2008-October/msg00905.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-October/msg00923.htmlnvd
News mentions
0No linked articles in our index yet.