OpenOffice – ‘.slk’ Parsing Null Pointer

• Exploit Database
• 11 阅读

• 作者： Hellcode Research
  日期： 2010-01-19
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/11192/

• Product:
  
  OpenOffice
  
  Tested Vulnerable Versions:
  
  3.1.1 and 3.1.0
  
  Vulnerability:
  
  Null Pointer
  
  Description:
  
  Hellcode Research discovered a null pointer vulnerability in Openoffice for
  Windows.
  
  Opening a malformed ".slk" file with Openoffice, causes a crash on
  "soffice.bin"
  
  PoC:
  
  https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/11192.rar (slk.rar)
  
  Credits:
  karak0rsan and murderkey from Hellcode Research
  
  The Computer Cheats (TCC)
  
  Urls:
  
  tcc.hellcode.net
  
  forum.hellcode.net