CVE-2012-2334: Buffer Overflow
First published: Tue May 15 2012(Updated: )
An integer overflow flaw, leading to buffer overflow, was found in the way OpenOffice.org processed invalid Escher graphics records length in PowerPoint documents. An attacker could provide a specially-crafted PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org. Upstream patches: [1] <a href="http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da">http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da</a> [2] <a href="http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e">http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Openoffice.org | =3.3 | |
| Apache Openoffice.org | =3.4-beta | |
| Libreoffice Libreoffice | <=3.5.2 | |
| Libreoffice Libreoffice | =3.3.0 | |
| Libreoffice Libreoffice | =3.3.1 | |
| Libreoffice Libreoffice | =3.3.2 | |
| Libreoffice Libreoffice | =3.3.3 | |
| Libreoffice Libreoffice | =3.3.4 | |
| Libreoffice Libreoffice | =3.4.0 | |
| Libreoffice Libreoffice | =3.4.1 | |
| Libreoffice Libreoffice | =3.4.2 | |
| Libreoffice Libreoffice | =3.4.5 | |
| Libreoffice Libreoffice | =3.5 |
Remedy
http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
Remedy
http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
- http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=584890&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=584890&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=821803#c8
- http://www.libreoffice.org/advisories/cve-2012-2334/
- http://www.openoffice.org/security/cves/CVE-2012-2334.html
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=586622&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=586622&action=edit
- https://access.redhat.com/security/cve/CVE-2012-2334
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=587309&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=587309&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=587370&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=587370&action=edit
- https://rhn.redhat.com/errata/RHSA-2012-0705.html
- https://bugzilla.redhat.com/show_bug.cgi?id=821803
- http://archives.neohapsis.com/archives/bugtraq/2012-05/0091.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082168.html
- http://rhn.redhat.com/errata/RHSA-2012-0705.html
- http://secunia.com/advisories/46992
- http://secunia.com/advisories/47244
- http://secunia.com/advisories/49373
- http://secunia.com/advisories/49392
- http://secunia.com/advisories/60799
- http://securitytracker.com/id?1027070
- http://www.debian.org/security/2012/dsa-2487
- http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:090
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:091
- http://www.openwall.com/lists/oss-security/2012/05/28/2
- http://www.osvdb.org/82517
- http://www.securityfocus.com/bid/53570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75695
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-2334
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/event
- vendor/apache
- canonical/apache openoffice.org
- version/apache openoffice.org/3.3
- version/apache openoffice.org/3.4-beta
- vendor/libreoffice
- canonical/libreoffice libreoffice
- version/libreoffice libreoffice/3.5.2
- version/libreoffice libreoffice/3.3.0
- version/libreoffice libreoffice/3.3.1
- version/libreoffice libreoffice/3.3.2
- version/libreoffice libreoffice/3.3.3
- version/libreoffice libreoffice/3.3.4
- version/libreoffice libreoffice/3.4.0
- version/libreoffice libreoffice/3.4.1
- version/libreoffice libreoffice/3.4.2
- version/libreoffice libreoffice/3.4.5
- version/libreoffice libreoffice/3.5