We start this week with a good write-up on getting started on vulnerability hunting, and news of a problem in OpenOffice’s handling of DBase files. Its author decided to concentrate on a file format, and picked the venerable dbase format. This database format was eventually used all over the place, and is still supported in Microsoft Office, LibreOffice, and OpenOffice. He put together a fuzzing approach using Peach Fuzzer, and found a handful of possible vulnerabilities in the file format, by testing a very simple file viewer that supported the format. He managed to achieve code execution in dbfview, but that wasn’t enough. Armed with a vulnerability in one application, he turned his attention to OpenOffice. He knew exactly what he was looking for, and found vulnerable code right away. A buffer is allocated based on the specified data type, but data is copied into this buffer with a different length, also specified in the dbase file.
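The mismatch described above (a buffer sized from the field's type, a copy sized from a length stored in the same file) is easiest to see from the defensive side. This is an added C example, not code from OpenOffice, dbfview or the write-up; the `field_desc` struct, the per-type sizes and `read_field` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified field descriptor: both values come from the file. */
struct field_desc { char type; uint8_t declared_len; };

/* Size the reader allocates per type (assumed fixed-width types only). */
static size_t size_for_type(char type) {
    switch (type) {
    case 'I': return 4;  /* 32-bit integer */
    case 'D': return 8;  /* date, YYYYMMDD */
    case 'L': return 1;  /* logical */
    default:  return 0;  /* variable-width or unknown: not handled here */
    }
}

/* Returns a heap copy of the field, or NULL if the file is inconsistent. */
uint8_t *read_field(const struct field_desc *fd, const uint8_t *rec,
                    size_t rec_left, size_t *out_len) {
    size_t alloc = size_for_type(fd->type);
    if (alloc == 0) return NULL;
    /* Bug class: allocate `alloc` bytes, then copy fd->declared_len bytes.
       Here the two sizes must agree before anything is copied. */
    if (fd->declared_len != alloc) return NULL;
    if (rec_left < alloc) return NULL;          /* record is truncated */
    uint8_t *buf = malloc(alloc);
    if (!buf) return NULL;
    memcpy(buf, rec, alloc);                    /* copy size == allocation size */
    *out_len = alloc;
    return buf;
}

int main(void) {
    const uint8_t rec[8] = {1, 2, 3, 4, 5, 6, 7, 8};  /* constructed sample record */
    struct field_desc ok = {'I', 4}, bad = {'I', 200};
    size_t n = 0;
    uint8_t *p = read_field(&ok, rec, sizeof rec, &n);
    printf("consistent descriptor: %s\n", p ? "accepted" : "rejected");
    free(p);
    p = read_field(&bad, rec, sizeof rec, &n);
    printf("length 200 on a 4-byte type: %s\n", p ? "accepted" : "rejected");
    free(p);
    return 0;
}
```
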