In association with heise online

08 August 2012, 11:57

Buffer overflows in KOffice and Calligra reported

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

ODF icon

A buffer overflow vulnerability which affects both the KOffice and Calligra office suites has been disclosed by Charlie Miller of Accuvant Labs. The vulnerability, which allows an attacker to execute arbitrary code by exploiting an error in the read() function of the ODF renderer, was revealed as part of Miller's presentation on NFC hacking at the recent Black Hat conference.

The vulnerability is exploited by tricking a user into opening a malicious ODF file that then causes a heap-based buffer overflow and leads to the attacker's code being executed. Since KOffice runs on the Nokia N9 smartphone, Miller demonstrated how a maliciously crafted ODF file sent over NFC can be used to execute arbitrary code on the target phone.

More information on the vulnerability is available in Miller's paperPDF which he presented at the Black Hat conference. The vulnerability is rated "Highly Critical" by Secunia and, to date, has not been fixed in either KOffice or Calligra.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit