Unrated severityNVD Advisory· Published Feb 16, 2010· Updated Apr 29, 2026
CVE-2009-2950
CVE-2009-2950
Description
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
Affected products
7cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
24- www.openoffice.org/security/bulletin.htmlnvdPatchVendor Advisory
- www.openoffice.org/security/cves/CVE-2009-2950.htmlnvdPatchVendor Advisory
- www.vupen.com/english/advisories/2010/0366nvdBroken LinkPatch
- lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.htmlnvdBroken LinkThird Party Advisory
- securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.debian.org/security/2010/dsa-1995nvdThird Party Advisory
- www.gentoo.org/security/en/glsa/glsa-201408-19.xmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/cpuoct2010-175626.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/38218nvdBroken LinkThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-903-1nvdThird Party Advisory
- www.us-cert.gov/cas/techalerts/TA10-287A.htmlnvdThird Party AdvisoryUS Government Resource
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/56238nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/38567nvdBroken Link
- secunia.com/advisories/38568nvdBroken Link
- secunia.com/advisories/38695nvdBroken Link
- secunia.com/advisories/38921nvdBroken Link
- secunia.com/advisories/41818nvdBroken Link
- secunia.com/advisories/60799nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2010-0101.htmlnvdBroken Link
- www.vupen.com/english/advisories/2010/0635nvdBroken Link
- www.vupen.com/english/advisories/2010/2905nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11050nvdTool Signature
News mentions
0No linked articles in our index yet.