CVE-2012-5639: Apache OpenOffice: Loading internal / external resources without warning
First published: Fri Dec 20 2019(Updated: )
LibreOffice and OpenOffice automatically open embedded content
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Libreoffice Libreoffice | ||
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Apache OpenOffice | ||
| debian/libreoffice | <=1:7.0.4-4+deb11u10<=1:7.0.4-4+deb11u11<=4:7.4.7-1+deb12u4<=4:7.4.7-1+deb12u5<=4:24.8.2-1<=4:24.8.2-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2012/12/14/1
- https://access.redhat.com/security/cve/cve-2012-5639
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639
- https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E
- https://security-tracker.debian.org/tracker/CVE-2012-5639
- https://bugs.freedesktop.org/show_bug.cgi?id=58295
- http://whatofhow.wordpress.com/2013/12/02/stealth-mode/
- http://www.openwall.com/lists/oss-security/2023/12/28/6
- http://www.openwall.com/lists/oss-security/2024/01/03/6
- http://www.openwall.com/lists/oss-security/2024/01/03/7
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2012-5639.
What is the title of this vulnerability?
The title of this vulnerability is "LibreOffice and OpenOffice automatically open embedded content".
What is the severity of CVE-2012-5639?
The severity of CVE-2012-5639 is medium (6.5).
Which software is affected by CVE-2012-5639?
LibreOffice, OpenOffice, and Debian Linux versions 8.0, 9.0, and 10.0 are affected by CVE-2012-5639.
How can I fix CVE-2012-5639?
There is no known fix or patch available for CVE-2012-5639 at the moment, it is recommended to follow the mitigation steps provided by the affected software vendors.
- collector/oss-sec
- alias/CVE-2012-5639
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- source/oss-sec
- agent/author
- agent/title
- agent/severity
- agent/weakness
- agent/event
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/tags
- collector/mitre-cve
- source/MITRE
- package-manager/debian
- vendor/libreoffice
- canonical/libreoffice libreoffice
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/apache
- canonical/apache openoffice