CVE-2009-2949: openoffice.org: integer overflow in XPM processing

Severity: Critical

CVSS Score: 9.3

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.