CVE-2011-2713: Buffer Overflow
First published: Tue Jul 26 2011(Updated: )
A heap-based buffer out-ouf-bounds read was found in the way OpenOffice.org imported certain Microsoft Word Binary File Format (.DOC) file.If a user opened a specially-crafted DOC file in OpenOffice.org suite tool (oowriter), it could lead to denial of service (oowriter executable crash), or possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Writer. This has been assigned <a href="https://access.redhat.com/security/cve/CVE-2011-2713">CVE-2011-2713</a>.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun Openoffice.org | =3.3.0 | |
| Libreoffice Libreoffice | =3.3.1 | |
| Libreoffice Libreoffice | =3.3.4 | |
| Libreoffice Libreoffice | =3.4.1 | |
| Libreoffice Libreoffice | =3.4.0 | |
| Libreoffice Libreoffice | =3.3.3 | |
| Libreoffice Libreoffice | =3.3.0 | |
| Libreoffice Libreoffice | =3.3.2 | |
| Libreoffice Libreoffice | <=3.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id?1026145
- http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html
- https://bugzilla.redhat.com/show_bug.cgi?id=725668
- http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html
- http://www.securityfocus.com/bid/49969
- http://www.libreoffice.org/advisories/CVE-2011-2713/
- http://www.debian.org/security/2011/dsa-2315
- http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html
- http://osvdb.org/76178
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:172
- http://security.gentoo.org/glsa/glsa-201209-05.xml
- http://secunia.com/advisories/50692
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://secunia.com/advisories/60799
- https://access.redhat.com/security/cve/CVE-2011-2713
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515212&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515212&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515213&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515213&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515214&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515214&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515215&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515215&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515216&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=515216&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523579&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=523579&action=edit
- https://access.redhat.com/security/cve/CVE-2010-3452
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-2713
- vendor/sun
- canonical/sun openoffice.org
- version/sun openoffice.org/3.3.0
- vendor/libreoffice
- canonical/libreoffice libreoffice
- version/libreoffice libreoffice/3.3.1
- version/libreoffice libreoffice/3.3.4
- version/libreoffice libreoffice/3.4.1
- version/libreoffice libreoffice/3.4.0
- version/libreoffice libreoffice/3.3.3
- version/libreoffice libreoffice/3.3.0
- version/libreoffice libreoffice/3.3.2
- version/libreoffice libreoffice/3.4.2