Kalau yang seperti ini bagaimana ya ?
bisa masuk ke linux-security ? ;)
StarOffice can be caused to crash by a simply embedding a URL
----------------------------------------------------------------------------
----
SUMMARY
It is possible to cause StarOffice to crash, and possibly execute
arbitrary code by embedding an HREF HTML tag with a very long URL inside
it, the StarOffice will automatically parse this HTML tag causing it to
crash upon opening of the document.
DETAILS
Vulnerable systems:
Sun StarOffice 5.1
Exploit:
There is a way to cause a buffer overflow (and possibly the execution of
arbitrary code) while viewing documents using the StarOffice package, all
you have to do is embed an HTML tag such as this:
<a href="file://aaaaaaaaalotof...">
The HTML tag will cause a crash upon opening of the document (you don't
have to click that link).
ADDITIONAL INFORMATION
The information was provided by: <mailto:[EMAIL PROTECTED]> Michal Zalewski.
-------
AFLHI 058009990407128029/089802---(102598//991024)
--------------------------------------------------------------------------
Utk berhenti langganan, kirim email ke [EMAIL PROTECTED]
Informasi arsip di http://www.linux.or.id/milis.php3
Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
